Cybersecurity and Employee Benefit Plans: How to Minimize the Risk

Tuesday, May 15, 2018 - 4:10pm5:25pm

No individual, organization or industry is immune from cyber-attacks. Attackers specifically target organizations with access to highly sensitive information, like plan sponsors of benefit plans or service providers. The operation and administration of benefits plans requires collecting, processing and storing data assets among multiple parties. To minimize risks, one must understand the types of data, data flows, control points and the responsibilities of each party involved. Come to this session to:
• Distinguish plan sponsor cybersecurity concerns and responsibilities under ERISA;
• Identify the Department of Labor’s Cybersecurity Considerations for Benefit Plans report and how to use this report in evaluating plan controls and safeguards;
• Recognize auditors’ roles and responsibilities when auditing an employee benefit plan.

Knowledge Level:


Field of Study:

Session Type:

CPE Credit: 
Advanced Preparation: 
Speaker(s) Speaker Details Session(s)
Michael Auerbach CPA, Chief, Division of Accounting Services, U.S. Department of Labor (EBSA), Washington, District of Columbia 3, 14, 21, 53
Deborah Smith CPA, Partner, Grant Thornton LLP, Chicago, Illinois 21, 50, 58
Jeff Ward CPA, CGMA, CITP, Partner, National SOC & WebTrust Leader, BDO USA, LLP, St. Louis, Missouri 14, 21