Cyber risk is never far from the news, but is a particular hot topic at the moment. This extract from a report by Crowe, reported on by Pensions Age, caught my eye. It could be relevant to you as a trustee, employer, pension provider or service provider.
It is easy to assume that a pension scheme or provider has insurance in place and so that cyber risk will be covered. However, when you look under the bonnet, the scope and extent of cover are not always what you expect or need.
If you are relying on third parties, for example administrators or platform providers, contractual protections may not be in line with market developments, particularly in older contracts. Is this something you have checked as part of your cyber-resilience review?
My specialist Partner David Varney comments: "Cyber risks are an ever-increasing area of concern across a number of sectors, including pensions and financial services. It is vital that pension schemes assess their ability to respond robustly to any cyber incidents and also have an adequate response plan in place.”
Nearly half (47 per cent) of UK pension schemes do not have insurance against cybercrime attacks and 43 per cent have not tested the strength of their IT systems and procedures for cybercrime protection, according to Crowe’s Risk Management Report.