No individual, organization or industry is immune from cyber attacks, and entities with access to highly sensitive information, like benefit plans, are a bigger target for attackers. The operation and administration of benefits plans requires collecting, processing and storing data assets among multiple parties. Understanding the types of data, data flows, control points and the responsibilities of each party involved is important to minimize risks. We will review the current and emerging threats, examine plan sponsor cybersecurity concerns, discuss service provider requirements and responsibilities and the role of auditors in the process.
After coming to this session attendees will:
- Understand current and emerging threats facing our organizations;
- Examine plan sponsor cybersecurity concerns and responsibilities;
- Examine service provider responsibilities and risks related to entrusted data; and
- Discuss auditors’ roles and responsibilities.