Home > News > Newsmakers > Wilshire Advisors Hit by Cyber Attack
Newsmakers

Wilshire Advisors Hit by Cyber Attack

Firm announces it was the target of a ransomware attack in early March.
By Michael Katz



Wilshire Advisors has said it was the target of a ransomware attack that took place March 4.

“Once we learned of the incident, we activated our Information Security Emergency Process and disconnected parts of our network to attempt to contain the attack,” a company spokesperson said in a statement. “We also deployed internal and external incident response teams and notified law enforcement.”

The spokesperson also said that the company is working to restore systems and will be providing updates to clients as appropriate.

Tim Rouse, executive director of the SPARK Institute, a nonprofit retirement industry trade association, says the attack is a reminder that fiduciaries need to make sure the service providers they use to maintain plan records and participant data follow strong cybersecurity practices.    

Want the latest institutional investment industry
news and insights? Sign up for CIO newsletters.

“Clients want to know that the financial services firms that they’re working with have put in place proper security,” Rouse says.

Rouse’s organization recommends that its members follow 16 data security control objectives to determine a service provider’s overall data security capabilities, including risk assessment and treatment, security policy, physical and environmental security, and incident and event communications management. The objectives are described in detail in the SPARK Institute’s best practices guidance.

“These are the 16 critical areas that the plan sponsor wants to know to find out if they’ve done their due diligence,” Rouse says. “For each of those 16 categories, look at what controls are in place to test that category, how are those controls tested, and what the test results are.”

According to the Department of Labor’s Employee Benefits Security Administration’s tips for hiring firms with strong cybersecurity practices, it’s important to ask about a service provider’s information security standards, practices and policies, and audit results, and then compare them to the industry standards adopted by other financial institutions. The EBSA also suggests looking for service providers that follow a recognized standard for information security and ones that use a third-party auditor to review and validate cybersecurity.

Other EBSA tips include:

  • Ask the service provider how it validates its practices, and what levels of security standards it has met and implemented.  Look for contract provisions that give you the right to review audit results demonstrating compliance with the standards.
  • Evaluate the service provider’s track record in the industry, including public information regarding information security incidents, other litigation, and legal proceedings related to the firm’s services.
  • Ask whether the service provider has experienced past security breaches, what happened, and how the service provider responded.
  • Find out if the service provider has any insurance policies that would cover losses caused by cybersecurity and identity theft breaches.
  • Make sure that any contract signed with a service provider requires ongoing compliance with cybersecurity and information security standards—and beware of contract provisions that limit the service provider’s responsibility for IT security breaches.

Related Stories:

Cyber Attacks Are Financial World’s Worst Threat, Says Jamie Dimon

Missouri Teachers’ Pension Hit by Cyber Attack

SEC Proposes New Rules for Private Funds, Cybersecurity Risk Management

Tags: , , , , , , ,

Home > News > Newsmakers > Chile Rejects Two Pension Withdrawal Proposals
Newsmakers

Chile Rejects Two Pension Withdrawal Proposals

Politicians struggle to balance inflation fears with populist demands.
By Anna Gordon



Yesterday, Chile’s lower house voted to reject two proposals for the early withdrawal of pensions. The government of Chile has approved pension withdrawals three times since the pandemic started. Each withdrawal allowed citizens to withdraw up to 10% of their pension savings. The government hoped withdrawals would help citizens cope with the economic hardships caused by COVID-19.

Nevertheless, experts warn that increased withdrawals could lead to inflation, according to a Bank of America report.

Chilean citizens are currently required by law to put away a percentage of their incomes into privately managed pension funds. This system, started in 1981 under the Pinochet dictatorship,  has failed to provide retirees with an adequate standard of living: more than half of Chilean pension recipients do not earn enough from their pensions alone to put them above the poverty line. Because of this, the government supplements retiree income with additional payments.

Chile has long been trying to balance fiscal responsibility with populist demands. The president of Chile, Gabriel Boric, took office just last month and is known for his left-wing beliefs. He supported an unsuccessful attempt to authorize a fourth withdrawal in December, before he became president.

For more stories like this, sign up for the CIO Alert newsletter.

Since winning the election, however, he has told the press that he could not support pension withdrawals without restrictions due to the risk of inflation. Boric faced consequences for his position. His approval ratings have fallen 6.2%, according to Activa polls, and his disapproval rating has reached as high as 57%. Currently, Chile’s annual inflation rate is 9.4%, which is the highest the country has seen in more than a decade.

Related Stories:

Chilean President Pitches Reform in Wake of Deadly Pension Protests

Congress Mulls Expanding 401(k) Enrollments, Easing Retirement Fund Withdrawals

UK Insurance Sector Warns Rate of Pension Withdrawal Unsustainable

Tags: , , , , , ,

«