Securing the digital frontier: the trustee secretary’s crucial role in cyber risk management

Working with an existing client who operates a defined benefit pension scheme, we were brought on to assist with a critical and increasingly relevant issue: cyber risk management. Given the heightened prevalence of cybercrime in today’s digital world, pension schemes are recognising the pressing need to evaluate and manage cyber risks – a challenge that now sits near the top of most risk registers.

The Trustee board of our client recognised the urgency and importance of comprehensively understanding the cyber risks posed by their suppliers. However, they were unsure of how to approach this issue, the steps to take, and how to gather and analyse the required information.

Trafalgar House stepped in to help the Trustees devise a solid strategy to address their cyber risk concerns. We aided them in finding a suitable cyber partner, crafting a detailed supplier cyber questionnaire, and managing the distribution and compilation of responses. Further, we worked collaboratively with the cyber partner to analyse the data gathered and to present the findings of the review back to the Trustee board. The approach we adopted called on a mix of both in-house and external expertise on cyber risks. Our internal compliance and IT technical teams proved instrumental in supporting the process and pinpointing key risk areas.

The outcome of our efforts was a Trustee board that could demonstrate a robust and comprehensive approach to cyber risk management in a coordinated and ongoing manner. This was the first time the Trustee board had implemented a comprehensive cyber analysis and review strategy, marking a significant step forward in their risk management practices.