Boards should assign responsibility to coordinate and develop their scheme's cyber security policy to one particular trustee, according to Anish Rav.
Speaking on 5 September at PP's annual Defined Contribution (DC) Conference, Capita Employee Benefits' head of DC strategy and proposition argued cyber security is no longer a fringe issue.
The General Data Protection Regulation (GDPR), which comes into force in May 2018, and the threat of a breach from criminals as well as media interest, means schemes must be proactive.
While a tick bock approach to cyber security is a good place to start, it could fall short when put to the test, he said.
There are a number of questions that trustee boards should be asking:
"Do you have a cyber security policy in place and are there protocols for it? How often does the scheme do penetration testing? How would you deal with a breach, and what is going to happen if you plan to change suppliers?"
The data links between a scheme and its service providers mean contingency plans need to be holistic.
Such an approach can benefit from one trustee taking charge of this work, Rav added.
"Who is your nominated cybersecurity expert? Trustees need to embrace all aspects of security and not wait to develop a cyber security strategy. A practical tip is that trustees do not have to be cyber security experts; they can if they want to but the main point is to have someone on the board that can coordinate the strategy.
"We have to move away from the tick box approach to cyber security as schemes have to keep personal records, the threat [from cyber criminals] is very real, and it is front page news."
Defined benefit (DB) schemes that provide GMPs must revisit and, where necessary, top-up historic cash equivalent transfer values (CETVs) that have been calculated on an unequal basis, a landmark court judgment said last week.
Technology platform PensionSync has partnered with quantum employment pioneer My Digital to help contractors and employers manage pensions as more workers do temporary work for multiple firms.
Capita Pensions has partnered with data technology solutions firm Intellica to tackle the GMP equalisation challenges facing pension schemes.
The Hewlett Packard Retirement Benefit Plan has reappointed EQ Paymaster as its third-party administrator (TPA) for five years.
Schemes and their administrators have rightly received much praise for ensuring that pensions have continued to be paid in full and on time during an unprecedented period of disruption.