Cybersecurity remains a top-of-mind issue for regulators, investors and advisers. As part of operational due diligence, investors often evaluate whether an adviser has robust cybersecurity defenses. Similarly, advisers must ensure that their administrators, brokers and other third parties have appropriate defenses. A recent program presented by the Investment Management Due Diligence Association (IMDDA) explored the fundamentals of cyber due diligence, the role of insurance in cybersecurity preparedness, recommendations for evaluating cyber insurance coverage and the evolving cyber risk landscape. The program was moderated by Richard M. Morris, a partner at Herrick Feinstein, and featured Herrick partner Alan R. Lyons; Herrick associate Erica L. Markowitz; and Michael Stiglianese, a managing director of BDO USA. This article details the panelists’ insights, which provide valuable guidance to investors when conducting cyber due diligence on fund managers and to fund managers about the necessary elements of a cybersecurity program. For additional insights from Morris, see “How Developments With California’s Pension Plan Disclosure Law, the SEC’s Rules and FINRA’s CAB License May Impact Hedge Fund Managers and Third-Party Marketers” (Oct. 13, 2016); and “How Can Hedge Fund Managers Market Their Funds Using Case Studies Without Violating the Cherry Picking Rule? (Part Two of Two)” (Dec. 12, 2013). For coverage of other IMDDA events, see “How Studying SEC Examinations Can Enhance Investor Due Diligence” (Oct. 6, 2016); and “How Managers May Address Increasing Demands of Limited Partners for Standardized Reporting of Fund Fees and Expenses” (Sep. 1, 2016).