Published: 06 November 2019
A new report released today outlines that cyber security is a clear financial risk facing pension schemes’ assets.
The report, jointly published by Nest and RPMI Railpen (Railpen), analyses the fallout from cyber-attacks and how the two pension schemes are approaching the topic. This includes details of high-profile cyber-attacks on businesses over the past decade and recommendations on how pension schemes can lower the cyber-attack risk in their portfolios.
While there is guidance for trustees on repelling cyber security risk in relation to the pension scheme itself, there is no equivalent advice for trustees on how to incorporate cyber security risk into their investment and stewardship processes.
Mark Fawcett, Nest’s Chief Investment Officer, believes there is more investors can do:
“The worst thing people can do is bury their heads in the sand. Cyber-attacks can seriously undermine the performance of a company, making what would seem an ideal investment opportunity turn into a costly mistake.
“Pension funds should check if the businesses they invest in take the threat of cyber-attacks seriously to help protect their members’ investments.
“The financial impact and importance of cyber-attacks can no longer be denied and needs to be considered in any responsible investment strategy. Companies cannot stop attacks from occurring, but preparedness and operational resilience is key.”
Richard Williams, CIO, RPMI Railpen added:
“Trustees need to acknowledge that it is not a matter of ‘if’ but ‘when’ their investee companies will face a serious cyber security breach.
“Today’s publication provides a toolkit for pension scheme trustees. Companies should be ready for questions from investors, and pension funds need to start raising the topic with their managers.”
The threat posed by cyber-attacks looks only set to increase:
While by 2020 analysts expect spending on cyber security to rise to $125 billion, the latest forecast puts the expected cost of cyber-attacks to reach $90 trillion by 2030.
Ends.
Notes for Editors
The report released today on cyber-attacks is titled: Why UK pension funds should consider cyber and data security in their investment approach. A copy of the report can be found here.
Included within the report are recent high-profile examples of companies which have been cyber-attacked and the resulting financial impact this caused, to them and their customers:
About Nest
Nest was set up by government to help deliver auto enrolment and ensure every employer has a pension scheme available for their eligible workers. It is now the largest pension scheme in the UK with more than 8 million members, looking after £8.5 billion worth of assets on their behalf.
Forecasts put Nest as having £20 billion assets under management by 2022 and by the late 2020s, one third of the working population is expected to have a Nest pension pot.
Nest is a not-for-profit pension scheme which is committed to helping millions of people, and particularly those on low income, enjoy a better retirement. It offers savers an award-winning investment strategy through a diversified portfolio and is a committed responsible investor.
About RPMI Railpen
RPMI Railpen acts as the investment manager of the railways pension schemes and is responsible for the management of around £30bn. Follow RPMI on Twitter @RPMIpensions.