Trustees should double down on cyber risks in face of increasing threats

Commenting on this week’s National Cyber Security Centre (NCSC) , Stuart Leach, partner, 91探花 said: “While this Code of Practice is voluntary, we welcome its objective of supporting boards and directors of medium and large businesses to govern their cyber risk and enhance operational resilience. Pensions trustee boards are accountable for effective governance, cyber controls, resilience, and importantly robust plans to respond effectively to cyber incidents. With so many priorities involving technology, change and transformation, now is the time for pension trustees to double down on cyber security efforts to ensure protection of data, assets, and members.

“With increasing geo-political tensions and highly sophisticated cyber criminals motivated by financial gain and destabilisation, against British organisations and state agencies, and from our own observations of the threat landscape we expect cyber-attacks to increase, with broader targeting across industries. 

“Additionally, the Cyber Governance Code of Practice states that 50% of businesses and 66% of high-income charities experienced some form of cyber security breach or attack in the last 12 months, with the prevalence of attacks being even higher amongst medium businesses (70%) and large businesses (74%) (Cyber Security Breaches Survey 2024). This serves as a stark reminder that, for pension trustee boards there’s more to be done to improve cyber resilience and keep pace with emerging cyber risks and threats.”