Experts advise that an important aspect of risk management in this era of cyber threats is anticipating the worst—and having a response plan at the ready. This is especially true for assets that are the most valuable.
Not All Cybercrime Make The News
In fact, most don’t—but that doesn’t mean that the businesses and people involved did not experience devastating loss and disruption. The reality is the same cybercrime tactics behind the stories that do make the news, threaten businesses of all sizes. For example, hackers used compromised log-in credentials to access the personal information of 5.2 million customers of Marriott International. At Zoom, easy-to-guess passwords made a “credential stuffing attack” possible, resulting in the information of 500 users for sale on “the dark web.” Similarly, employee credentials at Twitter were used to send fake tweets out from high-profile accounts.
Think about the loss and disruption these same cybercrime tactics could cause in your company—and retirement plan? If you are reminding yourself to change your password—and train everyone around you to do the same—you are clearly not alone! As you step up your cybersecurity measures, an important step is having a current, expert, response plan in the event of a breach.
Best Practice: Assume The Worst
Experts at Womble Bond Dickinson explain:
Assume that your organization will be impacted by a cyberattack and create an incident response plan as well as a disaster recovery and business continuity plan to mitigate the damage.
Not every asset can be protected with the same level of diligence. The key is to focus on assets that will create the biggest problems if compromised.
Retirement plan data, is of course a valuable asset and therefore a priority for protection. In fact: Data records containing customer personally identifiable information (PII) is the costliest record type to be exposed in a breach….
Affordable Expertise For Small Businesses
Do you have an incident response strategy for your retirement plan? Is it updated and are you confident in it? Colonial Surety Company offers an affordable, service focused solution!
Packaged with the ERISA Bond required for your retirement plan as well as Fiduciary Liability coverage, Colonial’s Cyber Liability coverage provides these services in the event of a retirement plan data breach:
- Breach resolution and mitigation services
- Computer expert services
- Legal services
- Public relations and crisis management expenses
- Customer notification and call center services.
Close The Gaps: Cyber Vulnerability
There are action steps we can all take to increase our cybersecurity. For example, remember that third party service providers can be a source of cyber vulnerability, so make sure contracts address liability and allocate risk. Risk management experts also recommend an internal inventory and audit of sensitive data, employee training, investing in qualified IT resources, and cybersecurity and related insurance.
Choose A Three Point Coverage Solution for Plan Sponsors
Keep in mind: as a fiduciary, you could be personally named in a lawsuit if a plan participant sues for a fiduciary breach—including breaches associated with cybersecurity. That’s why Colonial Surety Company provides affordable, comprehensive coverage packages for retirement plan sponsors. Just select a package and receive a three point solution for the times at hand:
- The ERISA bond required to protect the assets of the retirement plan from theft;
- Cyber Liability coverage to safeguard your company and plan from covered losses and expenses in the event of a cyber breach; and,
- Fiduciary Liability coverage to protect you and your assets from personal liability.
Colonial Surety Company provides user-friendly, digital and direct service. You can easily and quickly purchase your bonds and related insurance coverage online—and instantly print or e-file them from your desktop—or anywhere.
Colonial Surety Company is in business all across the USA. We are rated “A Excellent” by A.M. Best Company and U.S. Treasury listed.