Pensions - Articles - Trustees must avoid Cyber Security inertia

 Garry Wake, Managing Director of Trafalgar House said: “What many trustees might not realise is that it is they and not their administrators who are ultimately responsible for protecting member data. This very valuable, personal and financial information makes schemes extremely vulnerable to cyber fraud. As such, it is absolutely vital that the whole issue of information security and, in particular, cyber security climbs much higher up the trustee board agenda and is assessed not just at a point in time during the tender process but on a consistent and ongoing basis. This ideally should take the form of an annual independent data security review to keep a continuing log of high protection - this would deliver good peace of mind and reduce the risk to the scheme significantly.”

 “Trustees are extremely data mindful, as can be evidenced often by a reluctance to change providers and move data around unless absolutely necessary. We urge them not to be complacent. Doing so could mean they put up with a poor service as a result, or one that no longer fits their needs. It is crucial that information security claims more of a place for the long-term. Very few schemes are currently asking to tangibly see at all, let alone regularly, the IT solutions and software in place within potential or existing providers or, better yet, test them making pension scheme security a real issue.”