Sponsored by Allianz Life Insurance Company of North America
At PSCA’s Annual Conference last month, Assistant Secretary of Labor Lisa Gomez stated that plan sponsors should have cybersecurity liability insurance as part of their fiduciary duty.
She stated that some plan sponsors often think that if the company has cybersecurity liability insurance that it covers the plan, but often it is in the fine print that it does not. Gomez highly suggested that plan sponsors double check what is covered by a company cybersecurity policy, their provider, and fiduciary insurance and make sure a plan-related cybersecurity breach is covered.
We asked plan sponsors this week if they have a plan-specific cybersecurity insurance policy – unsurprisingly, only a third do with several stating they have a corporate policy but are usure if it extends to the retirement plan. If you fall in that camp, it would behoove you to find out. Comments follow.
Do not or are unsure:
- I would guess that our recordkeeper is covered.
- It is included in our Business Owners policy; as well as we have a separate Fiduciary liability policy.
- It's a worthy subject to start discussing.
- No policy held specific to retirement plan, but business has coverage overall
- Our company does have cyber security insurance, but I am not sure if it covers our retirement plan.
- Our recordkeeper offers account safety to those who register their account(s) and access them regularly.
- We do not but in today's day and age, I feel it should be a necessity. Will be looking into this.
- We have a corporate policy but nothing specific to the plan.
- We have a cyber insurance policy for the company, but not a separate policy for the plans in particular.
- I would like to hear more about this topic. I am not familiar with cybersecurity insurance.
- Our firm has a Cybersecurity Insurance policy but I am not sure if it covers the 401(k) funds
- We have a cybersecurity insurance policy for our company but I'm not sure if the coverage extends to our 401k plan.
- We have it corporately - not sure if it would cover the retirement plan itself though.
Yes, have a policy.
- I am assuming our general cyber security insurance will cover our plan, I will now need to go ask that specific question. Thank you.
- It is necessary in today’s environment.
- It should be mandatory these days.
- Must have.
- Sadly we feel cybersecurity insurance is a necessity at this point. With various cybersecurity controls in place, the cost can be kept reasonable.
- We have a company cybersecurity policy with coverage that extends to benefit plans.
- We have a cybersecurity team that vets all our third parties.
- Yes, our parent company sponsor it.