We have never seen as many data breaches as those that occurred in 2014. Cyberhacking is at an all-time high, insider theft is a larger problem than ever before and the loss of personal information has skyrocketed. Accordingly, we have to (and would be ill-informed otherwise) predict that data breaches will become even more frequent and massive in 2015.
What does this mean for your business? The FBI reported this year that a hundred businesses were affected by the malware that affected Target and others. Over a year later, we are still seeing companies finding out now that they have been infected with the malware. We will continue to hear about massive data breaches in the next year. The lessons learned are that businesses must be pro-active with data security and should be shoring up data security practices to determine whether they have been infected and to mitigate any effects. Ignoring the issue without addressing it or finding out if you have been affected is not a recommended risk management strategy.
Now, more than ever before, is the time to get your security experts in the door and test your system and address any weaknesses.
We also predict that unions will put increasing pressure on businesses to notify the union before notifying employees of a data breach involving employee personal information so that the union can collective bargain the mitigation strategy for the affected employees. Several unions in 2014 filed claims with the National Labor Relations Board alleging that companies violated the NLRB Act when they failed to allow the unions to bargain mitigation to employees, including the details of notification and credit monitoring. We predict that this trend will continue for unionized shops, and anticipate a decision from the NLRB on this issue.