Cybersecurity for ERISA Plan Sponsors & Fiduciaries: What In-House Counsel Need to Know (On Demand)

In April 2021, the U.S. Department of Labor issued cybersecurity best practices for benefit plan fiduciaries. Since then, DOL is actively enforcing cybersecurity in its investigations of both retirement plans and health and welfare plans – especially those that have experienced a data breach. The recent MOVEit cyber incident demonstrates that just one vendor's software defect can result in lawsuits and can affect hundreds of plan sponsors, millions of plan participants, and investment funds in the trillion-dollar range. In Walsh v. Alight Solutions, the Seventh Circuit ruled that DOL has authority to issue subpoenas in the course of its cybersecurity investigations. In this session, we will discuss the latest cybersecurity related litigation and focus on practical steps you can take to mitigate the cyber risks posed by your own ecosystem of benefit plan fiduciaries and service providers.