On the go: A third of respondents to a poll by the Pensions and Lifetime Savings Association confessed they did not know their organisation’s cyber security plans, despite cyber crimes surging by 86 per cent in a single quarter this year.
The poll, presented at the PLSA’s Tech Conference 2020 by Lucy Stone, policy lead at the Pensions Regulator, revealed that 22 per cent knew their organisation had a cyber security response plan but did not know what was in it, while 11 per cent either did not have or did not know about such a plan at their business or scheme.
Ms Stone said that “ultimately, trustees are the ones who are accountable, they cannot outsource that”, and urged trustees to familiarise themselves with their response plans and policies.
“Go and find [the policy]. If you don’t know where it is, ask where it is. Look at it and assure yourself that it’s fit for purpose,” she said.
She added that, while the focus on cyber crime over recent years has led to a marked improvement in scheme and trustee awareness, especially among larger schemes, “that is not the case across the whole landscape”.
Smaller schemes in particular tend to lag behind their larger counterparts, Ms Stone said.
Speaking at the same event, Jim Gee, partner and head of forensic services at Crowe, said the need for robust policies was emphasised by the rise of cyber crime during the Covid-19 pandemic.
The government’s national crime statistics for England and Wales, released two weeks ago, showed the number of cyber crimes leaping from 876,000 to 1.61m in the three months ending June 2020, Mr Gee said, with cyber now accounting for half of all crimes committed in the UK.
“We need to be as well protected as possible, but also able to manage an attack if it happens, and to recover and mitigate the damage,” he said.
