ERISA

Online Security: Basics and Beyond

06.19.2025

We all have a role to play in cybersecurity, and when it comes to protecting our retirement accounts, and our businesses, we all need to take the role extra seriously. The National Cybersecurity Alliance provides pointers and reminds us that we cannot just leave the protection of our funds and personal data up to tech gurus. Read on for actions everyone can take to guard against cybercrime, and advice on additionally critical steps for retirement plan sponsors.  

Guarding Personal Info and Assets

Though it is impossible to completely eliminate cyber threats, we can all make it much harder for criminals by doing the basics. Actions like taking passwords seriously and thinking twice before we click on messages or post personal information can go a long way. Relatedly, one specific step retirement plan sponsors should take is to share the Online Security Tips provided by the Department of Labor with all plan participants. Frequent communications reminding plan participants to safeguard their accounts are essential. In addition to using the ready-made tips provided by the Department of Labor, other helpful and easy-to-follow support is offered by the National Cybersecurity Alliance, which reminds us: “Literally a few minutes of preparation can keep you safe. The benefits of a few moments of research, preparation, and action far outweigh the potential costs of losing your unprotected data in a breach or having your identity stolen. And even if some of your data is compromised, if you follow some simple guidelines, you can ensure that the damage will be minimal.”

The ten Online Safety Basics urged by the National Cybersecurity Alliance for everyone are:

  • Keep a clean machine
  • Create long, unique passwords
  • Use a password manager
  • Enable multi-factor authentication
  • Think before you click
  • Report phishing
  • Use secure Wi-Fi
  • Back it up
  • Check your settings
  • Share with care

Fiduciary Obligations

Of course, retirement plan sponsors must go even further toward protecting the money and data of plan participants. In fact, plan sponsors are obligated to mitigate cyber breaches, following all of the related guidance from the Department of Labor. For example, retirement plan sponsors are expected to monitor the cybersecurity practices of every third party servicing the retirement plan. For help doing so, visit the Spark Institute, which gives specific examples for communicating with service providers about their cybersecurity controls. Even while addressing the expectations around cybersecurity, it is critical for plan sponsors to also recognize that lawsuits on behalf of plan participants are on the rise following cyber breaches: 

After a hack impacting an ERISA plan’s assets or data, plan participants increasingly respond with litigation. Their targets can include the employer that sponsors the plan, plan administrators, and other fiduciaries. These suits can involve serious allegations, including breaches of the fiduciary duties ERISA imposes, for alleged failures to maintain adequate cybersecurity measures. The plaintiffs’ bar representing participants in such lawsuits is specialized and opportunistic… Plan sponsors can therefore find themselves targeted by lawsuits questioning their fiduciary practices. As these lawsuits continue, and as the theories pursued in litigation continue to evolve, fiduciaries should understand that their data security practices (and their supervision of the data security practices used by the service providers they hire) could become the subject of litigation.

Colonial Surety Company offers an efficient, affordable and clear solution to help retirement plan sponsors manage their personal and business risks. Obtain protection for your company, your plan and yourself, as a retirement plan sponsor, for a few dollars a day with our Cyber Liability+Fiduciary Liability Insurance package. In addition to providing defense costs and penalty limits up to $1,000,000, if faced with claims of alleged or actual breaches of duty in connection with the employee retirement plan, Colonial’s Cyber Liability+Fiduciary Liability Insurance addresses numerous DOL recommendations, explicitly covers the retirement plan and the business, and includes: 

  • Expert-led response services following a data breach
  • Protection from lawsuits and regulatory actions related to the breach
  • Legal services
  • Computer forensic services
  • Public relations and crisis management expenses
  • Notification services
  • Call center services
  • Credit and identity monitoring

Obtain your retirement plan sponsor protection online in minutes now:

Cyber Liability Insurance + Fiduciary Liability Insurance

Colonial Surety Company is rated “A Excellent” by A.M. Best Company, U.S. Treasury listed, and in business all across the country. Serving customers since 1930, we are the trusted source for the pension industry to secure legally required ERISA bonds, fiduciary liability insurance and cyber-liability insurance. We help safeguard plan sponsors, pension professionals and financial advisors — and keep their businesses compliant — with pain-free, efficient, and friendly service every time.