A Must Have: Response Plan



Experts urge retirement plan sponsors to ratchet up their attention to cybersecurity—because cyber criminals have decided retirement accounts are worth their efforts. One immediate step plan sponsors can take is ensuring that an expert response plan is at the ready. Read on for guidance about putting a solid cyber breach response plan in place.


Drastic Uptick: Cybersecurity Events

The National Institute on Retirement Security (NIRS) recently convened a panel of experts to provide guidance on cybersecurity. Among the panelists was Jeffrey Saiger, Chief Technology Officer for the State Universities Retirement System of Illinois, who summed up the current situation this way: “The bad guys are doing their research…We’re a ripe target, unfortunately….”  Michael Kreps, a Principal at Groom Law Group concurred:  “We’ve seen a pretty drastic uptick in cybersecurity events” and noted that “criminals have decided the retirement system has a lot of money.”


So, what exactly is a retirement plan sponsor to do in the face of rising cybersecurity challenges to retirement plans? The American Society of Pension Professionals and Actuaries reports that according to the experts on the panel, preparing a response plan” before it is needed is imperative, and a solid response plan should include these elements:


  • definition of categories of incidents; 
  • defining roles and responsibilities; 
  • plan communications; and 
  • mapping out specific steps to resolve issues.


According to the experts, a fulsome cyber breach response plan means that in the event of a cyber breach, a plan sponsor is prepared to immediately engage expert legal counsel as well as to:


  • utilize cyber insurance and covered services; 
  • assemble a cross functional team; and
  • perform an analysis of root causes.


In sum, having a cyber breach response plan at the ready can make all the difference in whether or not a cybersecurity incident spirals into a disaster. Plan sponsors across the country are urged to get their response plans in place today via Colonial Surety’s affordable Cyber-Fiduciary Liability package, which includes:


  • Expert-led response services following a data breach.
  • Protection from lawsuits and regulatory actions related to the breach.
  • Legal services.
  • Computer forensic services.
  • Public relations and crisis management expenses.
  • Notification services.
  • Call Center services.
  • Credit and Identity monitoring


Now available with just a one year commitment, Colonial’s Cyber-Fiduciary Package, also covers defense costs and penalty limits up to $1,000,000, if faced with claims of alleged or actual breaches of duty in connection with the employee retirement plan. Remember, because a cyber breach can quickly spiral into allegations of a fiduciary breach, it’s critical for retirement plan sponsors to have both cyber and fiduciary liability protection. Colonial makes it so efficient and reasonable that you can secure your protection in minutes now:


Cyber and Fiduciary Liability Insurance Here.


Don’t Forget…

Plan sponsors are reminded that having a cyber breach response plan in place is among the specific cybersecurity actions included in the DOL’s Cybersecurity Guidance. The Department of Labor also expects plan sponsors to monitor the cybersecurity protocols of all service providers. Indeed, recent ERISA litigation underscores the importance of plan sponsors being prepared to answer key questions about the cybersecurity protocols of service providers, including, “Are we sure our service providers and their subcontractors adhere to appropriate data security policies and practices?”


Even the most diligent plan fiduciary can never fully eliminate the possibility of a cyber breach. Similarly, plan fiduciaries can never fully eliminate the risk of being held personally liable for fiduciary breaches—like failure to adequately monitor service providers. Why take unnecessary risks? The annual cost of Colonial’s Cyber and Fiduciary Liability  coverage is less than the fee for one hour of expert legal defense if a lawsuit or regulatory challenge strikes you and your business. Get covered, in minutes, today:


Cyber and Fiduciary Liability Insurance Here.


Pension plan professional? We’re here to help you make sure your plan sponsor clients have the coverage they need—and we’ve got you too. From Errors and Omissions Insurance to Fiduciary Liability Insurance, Employment Practices Liabiity Insurance–and more, we’re HERE with the coverages pension professionals need to keep the business going—and growing.


Insurance for Pension Professionals Right Here.

Colonial Surety Company is rated “A Excellent” by A.M. Best Company, U.S. Treasury listed and in business all across the country. Serving customers since 1930, we are the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time.