As the scale, sophistication and prevalence of ransomware attacks continue to grow and affect organizations of all shapes and sizes, it is increasingly important for hedge fund managers to prepare for an inevitable attack and understand any compliance obligations that may arise from the incident. Those issues were addressed in a recent Arnold & Porter roundtable, which was moderated by Arnold & Porter partner Ronald D. Lee and featured Aaron Sherman, director of incident response at Coveware, Inc.; Dan Raymond, focus group leader on breach response and information security products at Beazley Group; as well as Arnold & Porter attorneys Marcus A. Asner, Kenneth L. Chernof and Tal R. Machnes. This first article in a two-part series outlines initial action steps fund managers should take upon being targeted in a ransomware attack; tips for deciding whether to work with law enforcement and pay the ransom; and measures for preserving attorney-client privilege when responding to the incident. The second article will identify mandatory reporting requirements; litigation and enforcement risks arising from ransomware attacks; protective measures to take before an attack; and important compliance considerations. For additional insights from Arnold & Porter attorneys, see our two-part series on an SEC risk alert: “Why the SEC Distinguishes ESG From Other Strategies and How to Prepare for a Potential Exam” (Jun. 24, 2021); and “Inadequate Controls, Policies and Procedures Concern SEC As Do ESG Practices Inconsistent With Disclosures” (Jul. 8, 2021).