The Importance of Cybersecurity for Plan Administrators

The Importance of Cybersecurity for Plan Administrators

To say that cybersecurity is important in today’s climate, would be a complete understatement. Not only is it essential for plan administrators to take precautionary measures against cyber-attacks, but it is also imperative to continue to stay up-to-date while continuing education on how to stay safe against evolving attacks. According to an article on betanews.com, cybercriminals can penetrate 93 percent of company networks. Cyber-attacks can lead to a breach of personal and financial information, which can be devastating for individuals whose retirement savings are at stake. Additionally, cyber-attacks can damage the reputation and credibility of the plan administrator, leading to a loss of trust from participants and potential legal and financial consequences. Therefore, implementing robust cybersecurity measures and regularly monitoring and updating them is crucial for plan administrators to ensure the safety and security of their plan participants’ information.

Meanwhile, the U.S. Department of Labor recently announced a new guidance for plan sponsors, plan fiduciaries, record keepers and plan participants on best practices for maintaining cybersecurity, including tips on how to protect the retirement benefits of America’s workers.

At the conclusion of a Plan Sponsor University (TPSU) Fiduciary Education Program held in Alpharetta, Georgia, TPSU Founder, and CEO, Fred Barstein spoke with Addie George, a Financial Advisor at Plan Sponsor Consultants a division of Hub International. Addie explained the lengths taken to educate clients on the importance of cybersecurity especially following the release of the DOL best practices guide against cyber-attacks. The guide has been very helpful, advising plan administrators to do things such as “have a formal, well-documented, cybersecurity program,” and “conduct periodic cybersecurity awareness training.” However, George noticed plan administrators feeling somewhat helpless when it comes to adhering to guidelines, prompting George to bring in an expert during her TPSU Program to help guide sponsors through implementation of new cybersecurity measures.

Read the Full Transcript Here:

Fred Barstein:
This is Fred Barstein, Founder and CEO of The Plan Sponsor University in Alpharetta, Georgia, where we just completed a TPSU program. I’m here with one of our adjunct lecturers Addie George.

Addie George:
Hello.

Fred Barstein:
Welcome, Addie. Okay if we ask you a few questions?

Addie George:
Yes.

Fred Barstein:
Before we do that, tell us a little bit about yourself and your organization.

Addie George:
Yep. So I’m Addie George, obviously, as you just said, I’m with Plan Sponsor Consultants and we’re a division of Hub International. So we are a advisory firm located right here across the street in Alpharetta, dealing with plans across a variety of sizes and needs.

Fred Barstein:
Great. So one of the things, the questions I asked some of the plan sponsors is what they learned and all three of them said cybersecurity. That was the favorite part. So that’s not obvious that it’s part of 401k. Why did you bring a cybersecurity expert and how are you working with your clients on cybersecurity issues?

Addie George:
Yeah. So, probably the first big thing that triggered it was really the DOL guidance that came out and how even before that we had cybersecurity in our RFP that we had developed when we were looking at record keepers. But that really brought it to the forefront of discussions for plan sponsors when that guidance came out.
And then some record keepers, of course, were really quick to answer, “Here’s how we’re meeting all these guidelines and helping you meet the part that the plan sponsor has,” right? Because those guidelines came out in three parts and others were not.
So we just knew that it’s been something that’s resonated with our clients and our prospects and in our digital marketing. And so it seemed like a great fit to bring in here just to continue to educate.
I think a lot of plan sponsors, like you said, they don’t think about cybersecurity in the 401k and it is an important piece that they are monitoring what’s being done with their participants’ data.

Fred Barstein:
So the 401k is way beyond just fees, funds, and fiduciary. You got to do that. And one of that is cybersecurity. And having that expertise, I think, really distinguishes you when you’re… Probably not a lot of advisors talking about that.

Addie George:
I think there’s a lot of advisors that are scared to talk cybersecurity, right? They don’t understand it necessarily. And we don’t claim to be cybersecurity experts, that I’m not somebody who could go and tell you how to hack even my own computer.
But we know how to bring in the prudent experts and to evaluate those questions and knowing the questions to ask. Just like the plan sponsors, we don’t expect the plan sponsor to be a cybersecurity expert. They can’t be. They have to be their own job. But they can know the questions to ask to start to get the information to go, “Okay, this organization is doing what they need to do to protect.”
Those organizations can dumb it down to those of us that are not cybersecurity experts so that we still can feel confident that they are protecting our employee data or our participant data.

Fred Barstein:
Final question, I know this is your first TPSU.

Addie George:
It is.

Fred Barstein:
How was it and why do you think plan sponsors should come to a program like this?

Addie George:
Yeah, I think today, this was our first TPSU event. It was great. We had some great attendance. It was great to see people back in person, which has been, I think, a big draw too.
But I think the number one thing that they got out of it was really the networking and learning from each other. And of course the education that we’re bringing to them. But definitely their chance to talk plan sponsor to plan sponsor seem to be a big draw for them. A big moment.

Fred Barstein:
They rarely get to talk to each other, right?

Addie George:
They don’t. Especially, I mean right now they’re Zoom-meeting’d out. So to be able to have that time even over a break, and walk out here, and grab a cup of coffee, and meet a colleague in another business, I think is huge.

Fred Barstein:
Or over lunch, working lunch.

Addie George:
The working lunch when they’re talking about the ideal plan, if they’re similar sized companies.

Fred Barstein:
Right. Great. Well, thanks for your time.

Addie George:
Thank you so much.

Fred Barstein:
Thank you for doing TPSU.

Addie George:
Yes.

Fred Barstein:
We couldn’t do it without you. And thank you for watching 401kTV.

FOLLOW US:

Thank you for visiting our site!

TRAU, Inc. and its affiliates TPSU and 401kTV do not provide investment, legal, tax or accounting advice. 401kTV readers and viewers should consult their legal and tax advisors for guidance. All materials, including but not limited to articles, directories, photos, videos, graphics etc., on this website are the sole property of TRAU, Inc. and are intended for educational purposes only. We do encourage your sharing 401kTV content with Plan Sponsors; however, unauthorized use of any and all materials is prohibited/restricted.

Permission to use any of the materials, etc. on any of this site or affiliate websites may be requested in writing at Webmaster@401ktv.com and may be granted in writing on a case by case basis. Use of all editorial content without permission is strictly prohibited.

Scroll to Top