The following is a summary of our cybersecurity programs and a list of the key services we provide:
>Pricing - $600
A cost-effective, customized, secure online platform including must have cybersecurity procedures for small and medium size retirement plans.
Employers of all sizes should, at the very least, strive to meet the ERISA prudence standard; and that means a customized cyber strategy and focusing on the review and evaluation of plan provider cybersecurity policies and procedures. Our Cybersecurity
· We create and maintain a secure online cybersecurity compliance file for each plan sponsor with secure access granted for appropriate stakeholders.
· We help design, document, implement and maintain a basic cybersecurity strategy.
· We help the plan sponsor identify the specific information at risk.
· We obtain and store updated cybersecurity policies and procedures for each retirement plan service provider – recordkeeper, investment consultant, TPA, custodian, etc.
· We review and evaluate service provider cybersecurity policies and procedures and document how they will gain access to sensitive data.
· We evaluate service provider contracts to help make sure they contain appropriate cybersecurity protections for plan sponsor and participants.
· We consult on current insurance coverage to help understand if adequate protection exists to cover plan sponsor and participants in case of a breach and loss.
· We monitor registered advisor regulatory disclosure information for cyber issues.
Cybersecurity Management Program
>Pricing - $900 - Annually
A cost-effective, customized, secure online platform that we utilize to create and manage a comprehensive cybersecurity risk management program for small and medium size retirement plans.
The Cybersecurity Management Program (CMP) builds upon the National Institute of Standards and Technology (NIST) frameworks five cybersecurity pillars – identify, protect, detect, respond, and recover – and adds another pillar, deter. The CMP is designed to lead a plan sponsors entire retirement plan cybersecurity effort.
The Cybersecurity Management Program includes everything listed above for the Cybersecurity Essentials program and adds more services, including:
· Design, documentation, implementation and maintenance of a comprehensive cybersecurity strategy including customization around the unique aspects of each retirement plan.
· We help educate and train employees working with plan information and plan providers, as well as participants, about best practices to avoid cybersecurity threats. People are often the weakest link in cybersecurity protection.
· Threat, vulnerability, and risk assessment.
· Ongoing review and updates to the CMP including plan provider policies and procedures, threat assessments, education, etc.
· We help create a process for reducing the plans “attack surface” and eliminating unnecessary data to reduce cyber risks.
· Document access rights and controls.
· Help ensuring state cybersecurity laws are complied with by all stakeholders.
· Incident response documentation. What happens when an attack is detected? Who’s responsible for what?
· We help create recovery plans and protocols to bring things back to normal after a cyber-attack.
While no program can completely protect retirement plans from cyber incidents, our service has been designed to cost-effectively construct, implement, and document a robust cybersecurity program. We welcome any opportunity to assist your plan sponsor clients with this important task.