PATS Cybersecurity Jeopardy

Cyber Basics

Risks & the Board

Breaches Happen

People & Passwords

Insurance & Simulations

100

What does cybersecurity help protect in a pension system?

Member and financial data

100

What type of attacks are becoming more common for public pension systems?

Cyberattacks

100

What’s the first thing to do when a breach occurs?

Follow the incident response plan

100

What’s one of the biggest risks inside an organization?

Human error or insider threats

100

What type of insurance helps protect organizations after a cyberattack?

Cyber insurance

200

Who gave the welcome remarks on Day 2?

Hank Kim, NCPERS

200

True or False: Trustees play a role in identifying and reducing cyber risks.

True

200

What’s one goal of incident response?

To limit damage and restore security

200

What is social engineering?

Tricking people into revealing information

200

Who moderated the session on Cyber Insurance & Vendor Requirements?

Laurie Mitchell, Tegrit

300

True or False: Cybersecurity is only the IT department’s job.

False— trustees share responsibility

300

Name one of the speakers who discussed board responsibilities in cybersecurity.

Michael Stoyanovich (Segal) or Paul LaClair (Linea)

300

True or False: It’s fine not to tell members if their data was compromised.

False

300

Who led the session on human risk factors?

Doug Hislop, Soteria

300

Why might trustees ask vendors to carry cyber insurance?

To protect both sides if a breach happens

400

Who led the session on ‘Cybersecurity Fundamentals’?

Peter Dewar, Linea

400

What should trustees make sure is regularly reviewed — policies, technology, or both?

Both

400

Who were the speakers for the Incident Response session?

Jeffrey Mills and Michael Stoyanovich, Segal

400

What can help prevent phishing attacks?

Employee training or strong passwords

400

What did trustees do in the Cybersecurity Challenge & Phishing Simulation?

Responded to a mock cyber incident

500

Why is cybersecurity important for trustees to understand?

It’s part of their fiduciary duty to protect data.

500

What’s one example of sensitive information a pension system must protect?

Member data or financial records.

500

What are the three main phases of incident response mentioned in the agenda?

Detection, mitigation, and communication

500

Who discussed real-time threat detection using AI?

Jean Carlo Oviedo, ABL Technologies

500

Who facilitated the Cybersecurity Challenge?

Jessica Ransome, NCPERS