The Pensions Regulator (TPR) has updated its guidance on cyber security by calling on trustees and scheme provider to report all significant cyber incidents so it can build a better picture of the threat facing the industry.
The TPR points out that schemes are at risk of being targeted by criminals due to the large amounts of personal data and assets they hold.
This updated guidance comes after outsourcing group Capita was the victim of a cyber attack earlier this year, which is believed to have impacted a number of pension schemes.
TPR interim director of regulatory policy, analysis and advice Louise Davey says: “Cyber risk is complex, evolving and requires a dynamic response. It’s a very real threat as we have seen from events this year.
“We want industry to work openly and collaboratively together, and with us, to address the challenges of cyber threats and have a clear plan for when things go wrong. Doing so will make us all more resilient to attacks. As part of this, we want to hear about cyber-related incidents so our understanding of issues improves in real time.”
Commenting on this regulatory update Broadstone’s head of market engagement Simon Kew says: “We are pleased to see The Pensions Regulator taking a proactive role to tackle threats to cyber security within schemes.
“The prevalence of cyber attacks is increasing and pension schemes hold vast quantities of personal data to secure the retirements of this country’s present and future pensioners. Collaborating as an industry through actions like reporting on threats and attacks can help drive us towards a secure future that protects the pensions of members.”