As security breaches continue to proliferate and criminals become more sophisticated at compromising their many targets, fund managers face significant and potentially devastating reputational and financial threats. Even a small cyber incident can erupt into a high-profile cyber event depending on whether it becomes public. The publicity surrounding these events can escalate the problem beyond the technical breach and raise the stakes on how fund managers respond. This first installment of our two-part series on cyber breach communication plans discusses how to identify vital participants and their roles; details key playbook components and the benefits of advance planning; and offers guidance on how to communicate during a cyber crisis event. The second article
will detail how to coordinate with a third-party vendor; strategies for handling external communications to the media, regulators and others; and how to overcome common pitfalls and challenges. See “Cyber Insurance Coverage, Pre-Breach Mitigation Efforts and Post-Breach Response Plans Can Reduce Harm to Fund Managers From Cyber Attacks
” (Jan. 19, 2017); and “Former Prosecutors Address Trends in Cybersecurity for Alternative Asset Managers, Diligence When Acquiring a Company and Breach Response Considerations
” (Oct. 6, 2016).