Review cyber monitoring, administrator urges trustees
Schemes and their advisers should review their cyber incident monitoring frameworks, a third-party administrator has said, pointing to changes to weekly threat reporting by the National Cyber Security Centre.
A change at the end of last year in the reporting framework from the NCSC means threat and incident analysis is no longer available from their usual reporting sources, said Trafalgar House Pensions Administration, urging schemes to review their monitoring processes in response.
Head of IT Stephen Wright said the change in NCSC threat reporting frameworks, which came into effect at the end of last year, alters the way advisories are issued and reported.
"Data breaches, scamming, ransomware, fraud - these have all become the stuff of trustee nightmares. And the sophistication of those threats is evolving rapidly, so it is important that schemes stay as far ahead of them as possible with comprehensive and proactive defense measures,” Wright said.
Trustees should contact their advisers regularly to ensure their measures are robust and that reports are made frequently, and to demonstrate that the mitigation of all vulnerabilities is progressing, advised Wright.
“A one-time spot check is simply not enough in this environment,” he said.
Wright recommends some actions trustees can take now, such as:
- Verify cyber threat analysis updates: Confirm that all advisers are proactively updating and refining their cyber threat analysis reports.
- Enquire about intelligence sharing participation: Directly question advisers on their involvement with intelligence sharing networks, such as the Cyber Information Sharing Partnership.
- Clarify threat identification and management: Gain a clear understanding of the mechanisms advisers use to detect relevant cyber threats and incidents. Request detailed explanations on how these are integrated into their active risk management processes, ensuring a robust defence mechanism is in place.
- Demand comprehensive and ongoing threat reporting: Insist on receiving frequent, detailed reports covering the spectrum of threat management activities — highlighting ongoing, resolved, and potential threats. These reports should demonstrate a continuous commitment to cyber security, reflecting an adaptive and responsive strategy to evolving cyber threats.
- Check the procedures advisers have in place – are they being constantly evaluated and updated? What are the vulnerability scores? Do they adequately protect their business and client data?
Last week, the Pensions Regulator issued an intervention report about the cyber incident at pensions administrator Capita last March, which was reportedly a ransomware attack. Some data was stolen from Capita’s servers.
Have you recently reviewed your scheme’s cyber monitoring framework?