Date: | 12/02/2021 |
---|---|
Organization: | Public Employee Retirement Administration Commission |
Referenced Sources: | PERAC Website |
PERAC Memo #32, 2021
Date: | 12/02/2021 |
---|---|
Organization: | Public Employee Retirement Administration Commission |
Referenced Sources: | PERAC Website |
PERAC Memo #32, 2021
Hours: 9:00 a.m. to 5:00 p.m., Monday through Friday
For deaf, hard of hearing, or speech impaired
Call to report suspected pension fraud
TO: All Retirement Boards
FROM: John W. Parsons, Esq., Executive Director
RE: Cybersecurity and Internal Controls
DATE: December 2, 2021
The threat of cybersecurity intrusions into personal and professional devices and IT systems has become increasingly frequent and varied. Despite the best efforts of entities large and small to protect their data and assets, successful attacks continue to occur. In prior PERAC Memorandums, most recently on October 26, 2021, PERAC has alerted retirement boards to hackers posing as individual members, board vendors, and even board employees. While PERAC, MACRS, and retirement boards have all placed additional emphasis on cybersecurity in the recent past, it is clear that more needs to be done. Due to this ongoing proliferation of illicit hacking activity, PERAC is hereby announcing a number of additional steps and initiatives aimed at maximizing security and awareness of the vulnerability of system assets and protected information. While we anticipate that certain actions outlined below will be memorialized in regulation in 2022, all board actions called for below are effective as of the date of this memorandum.
We have also included a link to cybersecurity guidance, developed specifically for pension plan sponsors, fiduciaries, and participants, and published by the Department of Labor earlier this year.
This guidance addresses 3 specific areas; Hiring a Service Provider, Cybersecurity Program Best Practices, and Online Security Tips. www.dol.gov/newsroom/releases/ebsa/ebsa20210414.
In summary, strong IT security and internal controls are the best remedy to combat the extensive efforts being made to compromise our systems. We urge all boards to prioritize this effort and work with PERAC and your municipalities to safeguard our information and assets. Our collective, coordinated initiatives are critical to maximizing this effort.
Philip Y Brown, Esq., Chairman
Auditor Suzanne M. Bump
Kathleen M. Fallon
Kate Fitzpatrick
James M. Machado
Richard MacKinnon, Jr.
Jennifer F. Sullivan
Hours: 9:00 a.m. to 5:00 p.m., Monday through Friday
For deaf, hard of hearing, or speech impaired
Call to report suspected pension fraud