• Home
  • Admin/Tech
  • Benefits
  • Buzz
  • DB
  • DC
  • Diversity
  • Investment
  • Law & regulation
  • Risk reduction
  • Events
  • Whitepapers
  • Spotlights
  • Digital Edition
  • PPTV
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
    •  

      You are currently accessing ProfessionalPensions via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: [email protected]

      • Sign in
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • YouTube
  • Register
  • Subscribe
  • Events
    • Upcoming events
      event logo
      Webinar: Using passion for ESG to unleash member engagement

      This webinar will look at how pension schemes can harness their members’ interest in ESG to engage them more broadly with their pensions. In particular, it will look at exclusive research showing how members are reacting to ESG; their propensity to act versus their actual behaviour; and the expectations they have of providers in this regard.

      • Date: 26 Jan 2021
      • Webinar
      event logo
      Investment Conference

      This two part Investment Conference will bring you the latest updates from economists, asset managers and pension consultants. We will be taking a look at the outlook for the 2021 economy, alternatives, cashflow strategies and global equity markets to name a few, assessing how they fared through the volatility and what we can expect for the year ahead.

      • Date: 27 Jan 2021
      • Digital Conference
      event logo
      Webinar: What to put on your GMP Equalisation project roadmap for 2021

      This webinar will bring together views from actuaries, lawyers, administrators, trustees and data experts to look at the pragmatic, collaborative solutions that are open to schemes to solve the GMP equalisation challenges in 2021. It will assess the individual challenges schemes face with equalisations and provide some practical options that are available to resolve these issues.

      • Date: 02 Feb 2021
      • Webinar
      event logo
      Webinar: Will the world return to normal in 2021?

      In this webinar, PP editor Jonathan Stapleton will be joined by BMO’s chief economist Steven Bell and director of fiduciary management, Christy Jesudasan, alongside PTL trustee director Melanie Cusack and Isio’s head of fiduciary management oversight Paula Champion to discuss the significant impact of these themes on the pensions sector.

      • Date: 04 Feb 2021
      • Webinar
      View all events
      Follow our Professional Pension Events

      Sign up to receive email alerts about our events

      Sign up

  • Whitepapers
    • How DC schemes can gain exposure to different asset classes in a low-return environment

      So far, DC plans have largely been focused on the onset of auto-enrolment and changes to the regulatory framework - be it the ‘charge cap,' ‘pension freedoms' or consultations around ‘value for money', says Annabel Tonry, Executive Director at J.P. Morgan Asset Management (JPMAM).

      Download
      Pension freedoms three years on

      In 2015 George Osborne, then the UK Chancellor of the Exchequer, decided that those age over 55 could take much more of their pension in cash. This has since opened up a range of possibilities for DC scheme members in the world of pensions.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
  • Digital Edition
Professional Pensions
Professional Pensions
  • Home
  • Admin/Tech
  • Benefits
  • Buzz
  • DB
  • DC
  • Diversity
  • Investment
  • Law & regulation
  • Risk reduction
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
  •  

    You are currently accessing ProfessionalPensions via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: [email protected]

    • Sign in
  • Admin / Technology

Schemes urged to boost cybercrime protection following surge in criminal interest

Covid-19 has led to a surge in cybercrime
Covid-19 has led to a surge in cybercrime
  • Jonathan Stapleton
  • Jonathan Stapleton
  • @jonstapleton
  • 28 July 2020
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

Schemes and administrators have been urged to strengthen their cybercrime resilience after heightened criminal interest in the sector.

The call comes after reports surfaced that one unnamed pensions administrator had suffered - and thwarted - a ransomware attack.

The Pensions Administration Standards Association (PASA) said it was "aware" of current heightened interest from cybercriminals in the pensions sector.

Related articles

  • USS: Cost of scheme is 'growing challenge' as future returns 'likely to be lower'
  • DB schemes should use 2020 crisis as a 'learning opportunity'
  • Pension Schemes Bill gets final approval and waits for Royal Assent
  • People Moves Blog: LPP Investments names head of real estate; Phoenix hires ABI's Matt Burrell; PMI creates director of commerce and engagement role

It said: "This has the potential to have a very serious impact unless administrators are properly protected because of people's reliance on them to settle and pay their benefits from pension schemes."

PASA is currently finalising detailed guidance on how to maintain resilience in the face of cybercrime and has created a number of standards which will be published in September and incorporated into its accreditation process.

In the meantime, it urged schemes and administrators to make sure they understand their vulnerability to cybercrime.

The Pensions Regulator agreed. A spokesman said: "Pensions schemes hold significant amounts of valuable data which make them targets for fraudsters and cyber criminals, so it's vital that trustees and managers treat cyber security as a key risk and ensure third-party administrators do the same."

The regulator's guidance on cyber-security for pension schemes can be found here.

Crowe UK is the expert partner for PASA's cybercrime and fraud working group, which was set up earlier this year.

Partner and national head of forensic services Jim Gee - who chairs the PASA working group and is also a chair of the Centre for Counter Fraud Studies at the University of Portsmouth - said there had been a big increase in cybercrime generally over the past 15 years, particularly so over the past two years and during the Covid-19 pandemic.

Gee said the pandemic had been a particular factor in the most recent increase as large numbers of businesses had set up remote working at speed after the lockdown - and the security and controls usually in place were not always working so well in a remote working environment.

He also said criminals had changed their behaviour in lockdown as well - with the biggest threat coming from organised crime "businesses", rather than teenagers hacking from their bedrooms, or state actors.

Gee explained: "When the lockdown started, organised crime businesses saw their main source of income, the manufacture and distribution of drugs, was disrupted so they redirected significant resources from drugs into cybercrime."

He added: "The threat heightened, the defences were weakened and that is why we have a real spike in cybercrime now."

Gee said there were four key steps schemes and administrators could take now.

  1. Understand their cybercrime vulnerability

i) How attractive they are to cybercriminals - for example, Gee said, schemes hold and process rich seams of personal data which are very attractive because they can be used to attack and defraud others or to resell to other who will do this.

ii) What financial and reputational damage would be done if an attack took place - Gee explained many pensions organisations are highly trusted so the potential for damage is significant.

iii) To what extent are they cybercrime resilient - i.e. able to manage an attack if it happens and to recover and mitigate any damage.

  1. Strengthen their cybercrime resilience and reducing their vulnerability (as above).
  2. Make sure that they can continue to undertake key functions such as paying member benefits, managing investments, etc.
  3. Obtain independent assurance that they are well protected - Gee said simply asking those who currently provide this protection if they are well protected is not enough. He said if audit financial accounts are audited to check they are correct, then it is at least as important to obtain independent verification that pensions organisations are properly protected against cybercrime.

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • Admin / Technology
  • cyber security
  • cyber attack
  • The Pension Regulator
  • TPR
  • Crowe UK
  • Jim Gee
  • Pensions Administration Standards Association
  • PASA

More on Admin / Technology

LGPS funds see increase in claims over historic transfers

Around two-thirds (77%) of Local Government Pension Scheme (LGPS) funds have received a claim relating to historic transfers over the past 12 months, according to Eversheds.

  • Admin / Technology
  • 12 January 2021
Webb: Everybody wants certainty and wants to know what they're going to have to provide and when
DWP urged to give pension funds a stronger steer on dashboard data

Schemes need more certainty over the data they will have to provide for dashboards, as the minister is expected to take a heavier stance in 2021, experts say.

  • Admin / Technology
  • 07 January 2021
The paper outlines who is responsible for managing the cyber risks faced by pension schemes
Pension scheme cyber risk - the key challenges and who is responsible

The Institute and Faculty of Actuaries' Patrick Kelliher and Vanessa Jaeger look at the key cyber risks faced by pension schemes, who is responsible for managing these risks, and how these risks may be managed.

  • Admin / Technology
  • 05 January 2021
Partner Insight: What is the cost of getting future-fit when it comes to pension technology?

The UK pensions sector is in dire need of a technology revolution – and there are plenty of forces at play to push and pull the industry into the 21st century.

  • Admin / Technology
  • 05 January 2021
2021 outlook: What's next for technology?

After a year that took everyone by surprise, experts tell Professional Pensions what could be on the horizon for technology in 2021.

  • Admin / Technology
  • 23 December 2020
blog comments powered by Disqus
Back to Top

Most read

Trustees will need to be corporate finance experts under new TPR powers
Trustees will need to be corporate finance experts under new TPR powers
Livingbridge sells Broadstone to Intermediate Capital Group
Livingbridge sells Broadstone to Intermediate Capital Group
LGPS to become negative cashflow 'by 2024'
LGPS to become negative cashflow 'by 2024'
Pension Schemes Bill set for final debate next week
Pension Schemes Bill set for final debate next week
Aegon commits to net-zero default funds by 2050
Aegon commits to net-zero default funds by 2050
Trustpilot

 

  • Contact Us
  • Marketing solutions
  • About Incisive Media
  • Terms and conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • YouTube

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading