The full Bulletin can be found here.
Recent incidents like the Colonial Pipeline cyber attack and the Equifax data breach highlight the vulnerability of private information and critical IT systems. With defined contribution assets now at $12 trillion, there is increased concern that retirement savings are more at risk, since plan sponsors and their vendors collect highly sensitive personal data from plan participants and beneficiaries.
In April, the U.S. Department of Labor announced new guidance for plan sponsors, plan fiduciaries, record keepers and plan participants on best practices for maintaining cybersecurity, including tips on how to protect retirement benefits. This is the first time the department’s Employee Benefits Security Administration has issued cybersecurity guidance, which includes the following discussion points plan sponsors must follow:
- Tips for Hiring a Service Provider: Helps plan sponsors and fiduciaries prudently select a service provider with strong cybersecurity practices and monitor their activities, as ERISA requires.
- Cybersecurity Program Best Practices: Assists plan fiduciaries and record-keepers in their responsibilities to manage cybersecurity risks.
- Online Security Tips: Offers plan participants and beneficiaries who check their retirement accounts online basic rules to reduce the risk of fraud and loss.
When: Monday, October 25, 2021, 2:00 pm – 2:50 pm EST / 11:00 am – 11:50 am PST
Moderator: Tim Rouse, Executive Director, The Spark Institute, Inc.
- George Michael Gerstein, Fiduciary Governance Group Co-Chair, Stradley Ronon Stevens & Young, LLP
- Barbara Erickson, Retirement Specialist, Gladstone Institutes
- Mike Fuller, Info Security Sr Engineer II, Principal Financial Group
- Chris Magno, General Manager, Service Organization, Security and Risk Management Team, ADP Retirement Services
Register for the live, in-person event here.
Register for the virtual conference here.