2015 was a year of dramatic change in the IT environment. Here are some of the biggest stories of this year that could affect CIOs in 2016 and beyond.
The OPM Breach
Data breaches at the U.S. government's Office of Personnel Management, which involved a total of 22.1 million people, or almost 7% of the U.S. population, served to spotlight the importance of cybersecurity issues even more broadly this year. CIOs that aren’t paying attention to this issue were reminded of how easily their systems – large or small – can be compromised. And for the federal government, things got even worse.
Michael Esser, OPM's assistant inspector general for audits, said the data breach followed a long history of lax security at the agency. Esser said that, while he acknowledges that federal government agencies often face challenging budget environments that limit their ability to undertake major IT initiatives, an inconsistent governance framework for information security is also to blame.
The Office of Personnel Management said those affected by their security breach included 19.7 million people who applied for security clearances, plus 1.8 million non-applicants, mostly spouses or co-habitants of applicants. The stolen data included Social Security numbers and other sensitive information, including a complete rundown of the personal lives of some 90% of applicants for security clearances.
The Dell-EMC deal
In October, Dell announced it would buy data storage company EMC for a record $67 billion -- the largest deal ever between two technology companies.
While experts say the purchase likely won’t radically reshape the technology market the way a deal between companies with competitive technologies might have (think Oracle’s purchase of Sun Microsystems, for example), it demonstrates how “old guard” tech companies are having to adapt to a more nimble market. CIOs no longer buy tech from one large company and settle in with them for the long-haul, and the struggles companies like IBM, Oracle and HP faced this year reflect that shifting dynamic.
The Dell-EMC deal may ultimately make it easier for companies to accomplish certain tasks, such as adopting hybrid computing models. But much remains to be seen as the merger progresses, and whether it will trigger more changes and consolidations for large, established tech companies unwilling to change with the times.
The EU makes big moves in privacy
EU officials put an end to the Safe Harbour agreement in October, causing significant concern for U.S. companies that operate in the EU. The Safe Harbour agreement had eased the transfer of data -- such as payroll and human resources information --between the two countries. The system was set up by the European Commission 15 years ago.
The EU court said American companies were "bound to disregard, without limitation the privacy safeguards where they come into conflict with the national security, public interest and law enforcement requirements of the United States.”
In December, after nearly four years of debate, EU officials finally reached agreement on a new EU-wide digital-privacy law.
The law, which must still be approved by the EU Parliament in January, creates a strict new legal framework for how companies can use individuals’ personal information. The law requires that consent for any use of personal data from individuals must be explicit and must be given each time the processing or use of the data is expanded or changed.
That “could have ramifications for businesses that apply ever-changing analytics as part of the march for Big Data,” said Stuart Buglass, vice president of Consulting at Radius Worldwide. “In many cases the current practice of getting a single consent box ticked at the point of initial collection will not be enough.”
The new law will also boost the bloc’s previously small privacy penalties to potentially billions of euros.
The H-1B visa debate
The future of H-1B visas has been in question this year, as several politicians have spoken out against the program of importing tech workers from other countries both as a way to protect American jobs and as a way to help improve security in this country.
Republican presidential candidate Donald Trump has been a proponent of restricting the H-1B visa program. More specifically, he has called for a provision compelling businesses to "hire American workers first" as well as raise prevailing wages to deter wage undercutting. Sen. Bill Nelson introduced legislation to reduce the H-1B cap by nearly 25%, from 65,000 to 15,000. Changes to H-1B visa policy could change how companies in the U.S. use foreign workers.
"By cutting the number of visas available each year and requiring those visas be given to the highest-wage earners first, this bill directly targets outsourcing companies that rely on lower-wage foreign workers to replace equally-qualified U.S. workers," said Nelson.
Nelson became a proponent of H-1B visa reform after Southern California Edison workers complained earlier this year that over 500 of them were laid off so the company could outsource labor at a lower cost. Soon after, Disney hired IT services contractors that use H-1B workers. Disney IT employees said they had to train visa-holding replacements in order to receive a severance.
Nelson is also a co-sponsor of an H-1B reform bill by Chuck Grassley (R-Iowa) and Dick Durbin (D-Ill.).
The Grassley-Durbin bill includes a priority system for visa distribution that favors advanced degree holders and those paid a high wage. It also limits the use of H-1B workers by offshore outsourcing IT services firms by prohibiting them from hiring added visa workers if more than 50% of their employees are already on H-1B or L-1 visas.
China-U.S. relations get interesting
U.S.-Chinese relations got even more interesting this year, from accusations that China was behind the OPM hack to a landmark agreement reached during Chinese president Xi Jinping’s visit to the U.S., it seems tech is one of the major drivers behind how the two countries interact, and whether they will be friends or foes.
In December, the U.S. and China reached an agreement on guidelines for requesting assistance in fighting cyber crime. China and the U.S. also agreed to work together to conduct "tabletop exercises" in the spring. The exercises would be designed to improve understanding of the expectations for response and cooperation. The talks included U.S. Attorney General Loretta Lynch, U.S. Department of Homeland Security Secretary Jeh Johnson and Chinese Public Security Minister Guo Shengkun.
China's Ministry of Public security said the new cybercrime agreement would have a "major impact" on the implementation of internet security measures.
Meanwhile, Xinhua, China's official news agency, said an investigation into the OPM breach determined it was a criminal act, and not state-sponsored. The news agency did not give details of who conducted the investigation. U.S. officials maintain that they believe the attack was a government-sponsored intrusion.