Recent Posts


Tags


Archive

    News & Views

    Our latest news and blogs keep you in touch with our fast paced and ever changing industry.

    Pension scheme providers must do whatever they can to protect members from increasing cyber security threat

    By Monica Cope on Thursday, October 22, 2015

    Veratta, the specialist pensions data management and software firm, today urged pension scheme providers to adopt a future proofing approach to cyber security to ensure that pension scheme members and their sensitive information assets are completely safeguarded from scammers and fraudsters.

    Monica Cope, Chief Operating Officer at Veratta, said: “Research statistics released last week by the Office for National Statistics (following a field trial conducted between May and August 2015) indicate that there were an estimated 2.5 million** incidents of crime falling under the Compute Misuse Act in England and Wales, the most common incident where the victim’s computer or other internet enabled device was infected by a virus; it also included incidents where the respondent’s email or social media accounts had been hacked.

    Stories in the press about the public being targeted by scammers online are increasingly commonplace. Just last week an email scam in Northern Ireland saw a woman conned out of £77,000*. The pensions industry is certainly not immune to the threat of cyber-crime, and without more rigorous controls, particularly around processes and technology, there is an incident waiting to happen.Pensions data is extremely valuable – it’s people identities, whereabouts and financial circumstance. As an industry we therefore need to take a lead and demonstrate that we are treating peoples’ information and security just as seriously as other industries do. 

    Ironically, one of the biggest threats to member data is the very thing that has made pensions more amenable and accessible - the move to mobility.  The pensions industry is now being run on laptops, tablets and mobiles, with many owning multiple devices.  Just consider the nature of the information on schemes held on these devices and how easily they can be lost.  It is hugely worrying.”  

    Cope added; “Trustees need to be aware of the severity of this threat.  They need to fully understand what appropriate exercises and protocols are needed to manage and avoid what could be an extremely serious breach of the information that pension schemes hold.    They should consider things like penetration tests to analyse any hacking and security vulnerabilities, and ensure that software is always updated with the latest patches and that backups are regularly done. In the interests of preparation, schemes should also ensure they have an incident plan in place and and be ready to action it should the scheme data get hacked.”


    Comments
    Post has no comments.
    Post a Comment




    Captcha Image

    Back to News