Skip to content

Murray, Scott, Hassan Respond to New Labor Department Guidance on Retirement Cybersecurity

Department issues first ever guidance on retirement cybersecurity one month after a GAO report requested by Murray, Scott, and Hassan recommended such action


As of 2018, 106 million people were participating in private sector employer-sponsored defined contribution retirement plans with assets of nearly $6.3 trillion 


(Washington, D.C.) – Today, Senator Patty Murray (D-WA), Chair of the Senate Health, Education, Labor, and Pensions (HELP) Committee, Congressman Bobby Scott, Chair of the House Education and Labor Committee, and Senator Maggie Hassan (D-NH) released the following statement in response to new guidance issued by the Department of Labor for retirement plan sponsors, fiduciaries, record-keepers, and participants regarding cybersecurity.

“The Biden Administration is showing they understand that there is too much at stake for too many families for us to ignore the reality that cybersecurity and retirement security go hand in hand. Every worker and retiree should have confidence that their hard-earned savings are in fact safe. To make that happen, plan fiduciaries must be prepared to protect families’ finances and guard against constantly evolving cybersecurity threats. We have more work ahead, but this new guidance is an important step forward when it comes to bringing our retirement policies into the 21st century,” said the Members.


The announcement from the Department of Labor comes a month after the Government Accountability Office (GAO) released a report requested by the Members looking at the risk cybersecurity threats pose to retirement plans. The report from GAO looked at the exchange of people’s personal and financial information during the administration of retirement plans and the cybersecurity risks associated with this. In the report, GAO recommended the Department of Labor make clear whether fiduciaries are responsible for cybersecurity, and issue guidance on minimum expectations for mitigating cybersecurity risks.


Read the full GAO report the Members previously requested HERE.