It’s no longer a question of if a retirement plan will be targeted by cybercriminals, but when. With vast amounts of sensitive personal data and trillions of dollars in retirement assets flowing through recordkeepers, custodians, and plan sponsors, these systems have become prime targets for increasingly sophisticated attacks. A single breach can devastate participant trust, trigger costly litigation, and put fiduciaries under the microscope of regulators. That’s why the Department of Labor has made cybersecurity a clear fiduciary obligation, not just an IT concern. For plan sponsors, the responsibility now extends beyond ensuring their own systems are secure—they must also verify that every vendor touching the plan, from recordkeepers to advisors, has the policies, audits, and protections in place to safeguard participant assets.
Against this backdrop, Fred Barstein, founder and CEO of TPSU and 401KTV, interviewed Robert Massa, Managing Director of Prime Capital Financial, following a TPSU program at Rice University in Houston. Massa, whose firm specializes in ERISA and non-ERISA retirement plans as well as wealth management, discussed the most common mistakes plan sponsors make—particularly the lack of attention to fiduciary responsibilities and cybersecurity.