Vendors are favorite targets of hackers, and they expose fund managers to unique regulatory and civil litigation risks. This first article of our two-part coverage of a recent Strafford seminar featuring Davis Polk attorneys Matthew J. Bacal, Daniel F. Forester and Matthew A. Kelly details the current risk environment; provides guidance for managers on vendor management and due diligence; and discusses underlying considerations when negotiating vendor agreements. The second article
will address critical data privacy and data security provisions fund managers should include in vendor agreements, along with key considerations for incident response. See “How Managers Can Identify and Manage Cybersecurity Risks Posed by Third-Party Service Providers
” (Jul. 27, 2017).