To embed, copy and paste the code into your website or blog: On April 14, 2021, the U.S. Department of Labor announced new cybersecurity guidance for plan sponsors, plan fiduciaries, record-keepers, and plan participants. The guidance is specifically “directed at plan sponsors and fiduciaries regulated by the Employee Retirement Income Security Act, and plan participants and beneficiaries” and is intended to mitigate cybersecurity risks to pension plans and contribution plans. While organizations with mature cybersecurity and vendor management programs may not find much of note within the standards, the Department of Labor announcement highlights the general importance of employee benefits data and the Department’s heightened attention to such standards. The guidance consists of three supplementary documents including: 1) “Tips for Hiring a Service Provider”, 2) “Cybersecurity Program Best Practices”, and 3) “Online Security Tips”.