The U.S. Department of Labor’s (DOL) Employee Benefits Security Administration (EBSA) has provided
guidance to assist plan fiduciaries and recordkeepers in their responsibilities to manage cybersecurity risks. According to EBSA, pension plans and health and welfare plans covered by the Employee Retirement Income Security Act of 1974 (ERISA) often hold millions of dollars or more in assets and store and/or transfer participants’ personally identifiable data, which can make them tempting targets for cybercriminals.