How Fund Managers Can Prepare for Investor Due Diligence Queries About Cybersecurity Programs 

Cybersecurity remains a top-of-mind issue for regulators, investors and advisers. As part of operational due diligence, investors often evaluate whether an adviser has robust cybersecurity defenses. Similarly, advisers must ensure that their administrators, brokers and other third parties have appropriate defenses. A recent program presented by the Investment Management Due Diligence Association (IMDDA) explored the fundamentals of cyber due diligence, the role of insurance in cybersecurity preparedness, recommendations for evaluating cyber insurance coverage and the evolving cyber risk landscape. The program was moderated by Richard M. Morris, a partner at Herrick Feinstein, and featured Herrick partner Alan R. Lyons; Herrick associate Erica L. Markowitz; and Michael Stiglianese, a managing director of BDO USA. This article details the panelistsinsights, which provide valuable guidance to investors when conducting cyber due diligence on fund managers and to fund managers about the necessary elements of a cybersecurity program. For additional insights from Morris, see How Developments With Californias Pension Plan Disclosure Law, the SECs Rules and FINRAs CAB License May Impact Hedge Fund Managers and Third-Party Marketers” (Oct. 13, 2016); and How Can Hedge Fund Managers Market Their Funds Using Case Studies Without Violating the Cherry Picking Rule? (Part Two of Two)” (Dec. 12, 2013). For coverage of other IMDDA events, see How Studying SEC Examinations Can Enhance Investor Due Diligence” (Oct. 6, 2016); and How Managers May Address Increasing Demands of Limited Partners for Standardized Reporting of Fund Fees and Expenses” (Sep. 1, 2016).

To read the full article

Continue reading your article with a HFLR subscription.