The Pensions Regulator has published its cyber security guidance to help trustees ensure that members and assets are protected against cyber risk.

The guidance outlines three key areas that need to be addressed: governance, controls and incident response.

In summary, it sets out steps that trustees should take in order to build cyber resilience, including:

  1. Clearly define, document and understand roles and responsibilities
  2. Ensure sufficient understanding of the cyber risk in their scheme, including by developing an awareness of the scheme’s “cyber footprint” (i.e. the extent of the digital presence of all parties involved in the scheme)
  3. Receive regular training and have access to the required skills and expertise
  4. Ensure sufficient controls are in place to minimise the risk of a cyber incident around systems, processes and people
  5. Include cyber risk on the scheme’s risk register and review regularly
  6. Assure themselves that all third-party suppliers have sufficient controls in place
  7. Have an incident response plan in place
  8. Be clear on how and when incidents would be reported to the trustees and others, including regulators
  9. Regularly test and review controls, processes and the incident response plan, and be regularly updated on cyber risks, incidents and controls

The guidance comes at a time when trustees will already be prioritising cyber security and data protection issues in preparing for the General Data Protection Regulation.


© BDB Pitmans 2024. One Bartholomew Close, London EC1A 7BL - T +44 (0)345 222 9222
