Cyber for Plan Sponsors

Vigilance Against Cyber Crime



The Plan Sponsor Council of America (PSCA) urges continuous vigilance against cybercrime. Since criminals have retirement plans in their sights, efforts to prevent attacks are critical and must be ongoing. Having an expert response plan at the ready is essential.


Prevention—and Preparation Too

Stop waiting for cybercriminals and reacting after the fact. That’s the advice pension industry experts Tom Briggs and Tim Tuller of Transamerica offered on a recent national webinar for plan sponsors. Continuous threats to businesses and retirement accounts include phishing, malware attacks, and ransomware attacks. As the National Association of Plan Advisors reports, plan sponsors need to be continuously in conversation with service providers, discussing:


  • whether they have a written cybersecurity policy in place;
  • their ability to cover losses due to data breaches;
  • their security standards and practices;
  • information sharing and confidentiality policies; and
  • how they respond to potential security incidents.


Experts also stress that having an incident response plan in place is an important way to mitigate the damage and cost of a cyber breach. This can be especially challenging for small businesses, which often lack the resources to form an expert response team. To help, Colonial Surety Company provides a unique and affordable protection package, designed specifically to ensure every business can access coverage.


When you are armed with Colonial’s Cyber Liability protection, presto: in the event of a breach, you will have the help of forensic and legal experts, who will identify what’s been compromised and coordinate the response. As needed, call-center support, credit and identity monitoring services, and even public relations expertise are provided. Liability protection in the event of covered lawsuits or regulatory actions due to a data breach? Of course, that’s included too. Learn More and Obtain Cyber Liability Protection Here.


Careful Selection and Ongoing Monitoring

An important fiduciary responsibility of plan sponsors is the diligent selection and monitoring of all plan service providers. Toward fulfilling this responsibility, experts advise plan sponsors to ensure service providers:


  • have a formal cybersecurity program;
  • conduct prudent annual risk assessments;
  • have a reliable annual third-party audit of security controls;
  • clearly define and assign information security roles and responsibilities;
  • have strong access control procedures;
  • ensure that any assets or data stored in the cloud or managed by a third-party service provider are subject to appropriate security reviews and independent security assessments;
  • conduct periodic cybersecurity awareness training;
  • implement and manage a secure system development life cycle program;
  • have an effective business resiliency program addressing business continuity, disaster recovery, and incident response;
  • encrypt sensitive data, stored and in transit;
  • implement strong technical controls in accordance with best security practices; and
  • appropriately respond to any past cybersecurity incidents.


As you work to protect your retirement plan from the rise in cybercrime, keep in mind that under ERISA law, any individual involved with the management of a retirement plan can be held personally accountable for a breach of fiduciary duties. For example, if cyber attackers get their hands on participant information, plan sponsors can face allegations of fiduciary failures related to cyber security standards. That’s why Colonial Surety’s affordable Fiduciary Liability Insurance provides protection for your assets in the event of claims of actual or alleged breaches of duty—and automatically includes $50,000 of Cyber Liability Insurance. With lawsuits, crime and expectations on the rise, don’t wait: Obtain Fiduciary with Cyber Liability Insurance Here.


When selecting your plan sponsor protections, keep in mind that Colonial’s multi-year packages offer the greatest overall value, convenience and coverage and include:


  • The ERISA bond required to protect the assets of the retirement plan from theft;


  • Fiduciary Liability coverage to protect you and your assets from personal liability;


  • Cyber Liability coverage to protect your company and plan from covered losses and expenses in the event of a cyber breach.


Complete and Affordable Plan Sponsor Protection Package.


Colonial Surety Company is a leading national and direct provider of ERISA Fidelity Bonds. We are rated “A Excellent” by A.M. Best Company, U.S. Treasury listed and in business all across the country.


Founded in 1930, Colonial uses our experience—plus technology—to give small businesses easy, direct and affordable access to the same kinds of protections big corporations have. We excel at packaging products that make it simpler and faster for businesses to quickly access the protections they need. Oh, yeah—and we are here for You!