“Attention all trustees and board directors. This is not a drill. We are experiencing a cyber incident. Please proceed to your designated emergency stations. We repeat, this is not a drill.”
One would have to be living in a pretty big cave or deep in some rainforest miles from good Wi-Fi not to realize that cyberattacks represent one of the most significant risks facing modern society. Not a day goes by where, somewhere in the world, an organization joins the growing list of victims of cybercriminals motivated by money, fame or political agendas.
While the call to arms for pension plans, third-party administrators, asset managers and consultants has been raised for years now, can anyone comfortably say the pension industry has taken big steps to address cyberattacks and data theft — risks the World Economic Forum’s 2018 Global Risks Report ranked third and fourth in likelihood to occur?
Here are actions designed specifically for trustees and board directors (e.g., fiduciaries) of plans as well as the executives responsible for the day-to-day…