Cybersecurity Information for Retirement Plan Sponsors

It Can and Does Happen to Organizations Like Yours.

As you know, all institutions need to be on the lookout and proactive in avoiding cybercriminals. The threat grows larger every day and will likely never go away. Establishing a cybersecurity awareness program is only the first step. Your entire organization should be educated and aware of how to stay vigilant in the battle against fraud.

It is important that you continue to stay up to date on the Department of Labor’s (DOL) guidance on cybersecurity for plan sponsors, fiduciaries, plan participants and beneficiaries. We will continue to share information about the DOL's recommended best practices with you. In addition, you can follow the industry-leading cybersecurity practices outlined below. Protecting your organization from cyberattacks is a top priority, but it doesn't have to be intimidating.

Establish

Understand every step of your business process
Create procedures that are well-defined, repeatable, and testable

Enforce

Follow your tested procedures
Consider rewriting your procedures if there are frequent deviations

Educate

Understand current and emerging threats including malware, phishing, social engineering, etc. and best practices to protect against them
Train employees to recognize red flags within emails and text messages, and understand the escalation process in the event one appears

Empower

Give your employees the ability to question when something doesn’t seem right (e.g., when an employee suddenly begins receiving emails from the CEO)
Make it convenient and comfortable for employees to speak up when they have questions

Evolve and Enhance

Be mindful of the consistently changing threat landscape
Monitor and modify your procedures to align against the changing threat environment as often as possible
Review, test and modify procedures and continuity plans on a predetermined schedule – do not deviate from the schedule

Ready to Help

PNC Institutional Asset Management^® assists institutions in understanding the identification of red flags and communicating cyber hygiene best practices. If your organization would like assistance, please reach out to your PNC Representative or submit this Contact Us Form.

Schedule an appointment

SCHEDULE NOW

Find a branch near you

FIND NOW

Important Legal Disclosures and Information

1. 2023 AFP Payments Fraud and Control Survey — Report of Survey Results

The information and materials were prepared for general information purposes only and are not intended as legal, tax or accounting advice or as recommendations to engage in any specific transaction, including with respect to any securities of PNC, and do not purport to be comprehensive.

Under no circumstances should any information contained in these materials be used or considered as an offer or commitment, or a solicitation of an offer or commitment to participate in any particular transaction or strategy. Any reliance upon any such information is solely and exclusively at your own risk. Please consult your own counsel, accountant or other advisor regarding your specific situation. Any opinions expressed in these materials are subject to change without notice.

IBM® and IBM® Security Trusteer Rapport® are registered trademarks of IBM in the United States. By clicking “Download”, you will be directed to a third-party website hosted by Trusteer, a third-party that is not affiliated with PNC Bank. While this software is a valuable addition to your fraud prevention strategy, PNC Bank will not be responsible for the content or effectiveness of the services associated with Trusteer’s software.

PNC and PINACLE are registered marks of The PNC Financial Services Group, Inc. (“PNC”).

Bank deposit, treasury management and lending products and services are provided by PNC Bank, National Association, a wholly-owned subsidiary of PNC and Member FDIC.

Lending, leasing and equity products and services, as well as certain other banking products and services, require credit approval.

PNC General Disclosure