A strong cybersecurity program is an investment manager’s primary defense against cyber breaches and their resultant costs. As the frequency of large cyber breaches and the costs of responding to them increase, mitigating cybersecurity risks becomes of paramount importance. A recent program sponsored by K&L Gates and the Investment Adviser Association (IAA) surveyed the current cyber threat environment and SEC cybersecurity initiatives; summarized applicable laws and regulations that bear on cybersecurity; considered the growing cybersecurity risks faced by investment managers; and offered specific strategies for mitigating those risks. The program was moderated by Mark C. Amorosi, a partner at K&L Gates, and featured a panel consisting of Jeffrey Bedser, CEO of iThreat Cyber Group; Laura L. Grossman, Assistant General Counsel of the IAA; Andras P. Teleki, a partner at K&L Gates; and E.J. Yerzak, Vice President at Ascendant Compliance Management. This article, the second in a two-part series, discusses the panel’s views on mitigating cybersecurity risks. The first article
summarized the key points raised by the panel relating to the costs of cyber breaches; applicable laws and regulations; and cyber threats. For more on cybersecurity, see “Benchmarking and Best Practices for Hedge Fund Manager Cybersecurity
,” Hedge Fund Law Report, Vol. 8, No. 5 (Feb. 5, 2015).