The Department of Labor (DOL) has issued guidance for plan sponsors and plan providers that cover best practices for them for maintaining cybersecurity.
This guidance comes pretty quickly after the Government Accountability Office (GAO) asked the DOL to guide everyone on the growing issue of cybersecurity. Thanks to the sophistication of cybercriminals and some recent cases of cyberthreat, the guidance has come at a time of need for guidance.
The DOL provided three forms to provide guidance on cybersecurity.
1). Tips for Hiring a Service Provider: Provides guidance to plan sponsors and fiduciaries to prudently select a service provider with strong cybersecurity practices.
2) Cybersecurity Program Best Practices: Assists plan fiduciaries and record-keepers in their responsibilities to manage cybersecurity risks.
3) Online Security Tips: Provides guidance to plan participants and beneficiaries who check their retirement accounts some basic online rules to reduce the risk of fraud and loss.