In December 2023, The Pensions Regulator’s (TPR) cyber guidance moved the dial in terms of trustees and scheme managers cyber accountabilities, stating:
“As trustees and scheme managers, you are accountable for the security of scheme information and assets, even though, in practice, others will handle data and manage technology on your behalf.
Under pensions legislation you must ensure that your scheme is administered and managed within the requirements of the law, including data protection legislation.”
For pension schemes the issue of cyber risk is first and foremost a governance issue, not a technology issue. Trustees are not expected to understand the technology underlying cyber risk any more than they are expected to understand the intricacies of actuarial calculations or the analysis behind managers building an equity portfolio. But they are expected to understand the implications for their scheme, and be able to ask the right questions.
At Aon, we have been working with pensions schemes to do this important governance work for several years, supported by Aon Cyber Solutions, our specialist technical team. Pension schemes, with this support, can make big strides quickly in compliance with regulatory requirements and further cyber resilience.
Join us for this webinar where Aon experts will:
- Discuss lessons learned from recent cyber incidents and how schemes can be as prepared as possible to navigate an incident
- Explain the steps your scheme should be taking to comply with TPR’s 2023 cyber principles and fulfil the new General Code requirements
- Explore the recent developments in the cyber insurance market for pension schemes
|