Cybersecurity Insurance: Yes, Plan Sponsors Need It



Speaking at a Plan Sponsor Council of America convening, Lisa Gomez, the Assistant Secretary of the Employee Benefits Security Administration, emphasized the importance of cybersecurity insurance, and observed that many plan sponsors are confused about whether or not they actually have this protection. Here’s help.


Ask: What Is Covered?

Despite rising cybersecurity concerns, cyber liability insurance remains widely misunderstood among business owners and retirement plan sponsors. Referencing the ERISA Advisory Council’s 2022 report, Cybersecurity Insurance and Employee Benefit Plans, Assistant Secretary Gomez advised plan sponsors to speak with their insurance providers about what their cybersecurity coverage encompasses, and “make sure you are protected there.” Gomez pointed out, for example, “Many employers assume that since the company has cyber liability insurance, they’d be covered in a breach. The fine print in the policy notes that it applies only to the company and not the company in its capacity as a plan sponsor—something not obvious to most.”


Indeed, when asked about their current cybersecurity liability insurance, many plan sponsors expressed confusion over whether or not the company and plan were covered. Others were unclear about the need for cybersecurity insurance, given the outsourcing of plan services. In reality, while it is critical for plan sponsors to monitor the cybersecurity protocols of vendors, this does not eliminate their own responsibility for putting recommended practices, including insurance and response plans, in place.

As the Department of Labor reminds us, “Responsible plan fiduciaries have an obligation to ensure proper mitigation of cybersecurity risks.” ERISA defense experts have also been underscoring the importance of both fiduciary and cyber liability insurance, advising: “Doing without it would be a bad idea since your plan would potentially be exposed to uncapped liability in the event of litigation.”


Cyber Protection for Small Businesses and Their Plans?

Recognizing that plan sponsors from small businesses face the biggest hurdles affording and obtaining cybersecurity liability insurance, Colonial Surety Company, a leading national writer of ERISA Fidelity Bonds, offers an efficient, affordable and clear solution. Specifically, for a few dollars a day, plan sponsors can obtain protection for the company, the plan, and themselves, with a Cyber Liability+Fiduciary Liability Insurance package. In addition to providing defense costs and penalty limits up to $1,000,000, if faced with claims of alleged or actual breaches of duty in connection with the employee retirement plan, Colonial’s Cyber Liability+Fiduciary Liability Insurance includes:



  • Expert-led response services following a data breach.
  • Protection from lawsuits and regulatory actions related to the breach.
  • Legal services.
  • Computer forensic services.
  • Public relations and crisis management expenses.
  • Notification services.
  • Call center services.
  • Credit and identity monitoring.

Plan sponsors can obtain this comprehensive coverage online in minutes today, or even speak to one of our knowledgeable ERISA experts for further support. Start Here, now:


Cyber and Fiduciary Liability Insurance


Good To Know: AI?

Although EBSA has not yet released any specific guidance on artificial intelligence, the recent Plan Sponsor National Conference gave Secretary Gomez the opportunity to encourage plan sponsors to be “wary of some of the dangers that could result from AI”:


For example, she said some in the industry, including plan sponsors and recordkeepers, have talked about using voice recognition as a way to verify they are speaking with a participant or beneficiary. However, she said voice recognition may not be the most reliable source, as bad actors have the ability, through using AI deepfakes, to mimic voices. She said AI, including tools like ChatGPT, could be helpful in creating plan documents and notices to participants, but again, she said it is important to be aware of the potential dangers and issues with tools like ChatGPT, as it is a “crowdsource tool” that only knows what it has been taught.


Fiduciary and Cyber Liability Insurance HERE 


Colonial Surety Company is rated “A Excellent” by A.M. Best Company, U.S. Treasury listed and in business all across the country. Serving customers since 1930, we are the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time.