For the most part, our work focuses on people—the clergy and lay employees who serve The Episcopal Church in a variety of ways. CPG offers products, programs, and services to individuals, and collaborates with group administrators and vestry members to make sure all eligible Episcopal institutions are enrolled in the products, programs, and services that best suit their needs. Ours is a people-focused business, but every person and institution we serve has data that is valuable and people who are busy.
Our cybersecurity team works around the clock to keep CPG and client data safe (see article below), and over the past few years, we have updated our systems as well as our policies and procedures, to make service transactions easier and more convenient. In 2023, more than 85% of the most common service transactions were made via our newly updated web self-service portals. Now, with only a few clicks, individuals can manage their personal information, update plan beneficiaries, and tell us about births, marriages, and other significant life events. Also, newly hired clergy and lay professionals can enroll in their employers’ CPG-provided retirement, group health, and life insurance plans online.
Later this year, we will be launching new self-service and other online tools for our property and casualty insurance business.
We are investing in new technology with people in mind, and the feedback thus far has been overwhelmingly positive.
Cybersecurity: A Constant Focus
Stephen Tihor, CPG’s Enterprise Security Officer, talks about CPG’s cybersecurity program.
Whether our ITS team members are carving out time to understand the latest cyber threats, implementing security safeguards, or planning how we will respond to hypothetical future attacks, we’re working continuously to protect CPG and clients’ personal information. I took stock of the number of hours our technology teams focused on enterprise security last year alone, and it was around 6,000 hours! And we also engage outside vendors to help with this effort.
Every CPG employee is expected to do their part to shield our organization and our clients from malicious cyber behavior. It’s a message we reinforce through mandatory cybersecurity training at every level of the organization. Our clients may not realize it, but they also play a role in keeping their personal information safe. Everyone is now required to use multifactor authentication when they access their CPG accounts through the internet. It’s an extra layer of protection that is needed in these times of heightened risk.
We have a robust technical infrastructure, an experienced and dedicated team of employees, and additional coverage provided by security service vendors who were chosen after a rigorous selection process.
We can’t prevent all cyber threats, but we never stop working to mitigate the risks by implementing best practices with employees and clients and maintaining our vigilance through constant monitoring and testing.