Cyber for Plan Sponsors

Lessons From A Recent Hack


Recently, the Missouri teacher’s pension fund was attacked—exemplifying just how vulnerable retirement funds are to cyberattacks. Cybersecurity experts provide practical advice to help plan sponsors protect the retirement savings of their employees and beneficiaries.

Always Ask Questions

Plan Sponsor reports: “The hack at the Missouri fund occurred when an employee’s email account was accessed for less than an hour by someone outside the retirement system without authorization.” With so much at stake, and so many entry points possible, experts remind retirement plan fiduciaries that we cannot just outsource services and the related cybersecurity practices and “check it off the list.” As one expert sums it up: “That’s 100% wrong. You are responsible for that data.”  According to the experts, its critical for plan sponsors to consistently inquire about cybersecurity. Be sure it is built into the agenda for meetings with providers frequently. Stop assuming that because there were no incidents one month, there won’t be in the next month. Ask questions such as:


  • How would we know if an incident occurred?
  • What is the incident response plan?
  • What are our cybersecurity standards?
  • What are our 24/7 monitoring processes?


As you become more active with cybersecurity, don’t overlook coverage for yourself as a plan fiduciary: under ERISA law, any individual involved with the management of a retirement plan can be held personally accountable for a breach of fiduciary duties. If cyber attackers get their hands on participant information, plan sponsors could be faced with numerous lawsuits for failures related to cybersecurity standards. Obtain Colonial Surety’s affordable Fiduciary Liability Insurance and you’ll have protection for your assets in the event of claims of actual or alleged breaches of duty. Uniquely, Colonial’s Fiduciary insurance automatically includes $50,000 of Cyber Liability Insurance. With both lawsuits and expectations on the rise, don’t wait: Obtain Fiduciary with Cyber Liability Insurance Here.


Keep Up To Date

Catch up on the expectations the Department of Labor (DOL) provided in 2021 before the new year—and more regulations—come your way. Importantly, for example, the National Association of Plan Advisors (NAPA) reminds plan sponsors to take action promptly on the guidance issued by the DOL in spring 2021. In fact, legal experts report that the DOL has moved swiftly from the release of the guidelines to enforcement during reviews and audits. The guidance includes:

Put a Response Plan In Place

While monitoring the cybersecurity protocols of service providers, don’t neglect your own company. Auditors, for example, will want to know what your cyber breach response plan is. You can put a response plan in place affordably, today, by obtaining Colonial’s Cyber Liabiity Insurance. In the event of a breach, our policy includes legal and forensic experts who will identify what’s been comprised and coordinate the response. As needed, call-center support, credit and identity monitoring services and even public relations expertise are provided too. Liability protection in the event of covered lawsuits or regulatory actions due to a data breach? Yes, that’s included too. Learn More Right Here.

Don’t forget, Colonial’s multi-year packages provide the greatest convenience and value for plan sponsors, ensuring continuous compliance and protection. Packages include:


  • The required ERISA bond which protects the assets of the retirement plan from theft;


  • Fiduciary Liability coverage to protect you and your assets from personal liability; and,


  • Cyber Liability coverage to safeguard your company and plan from covered losses and expenses in the event of a cyber breach.


Obtain Complete Protection Package Now

Colonial Surety Company is rated “A Excellent” by A.M. Best Company, U.S. Treasury listed and in business all across the country. Serving customers since 1930, we are the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time.