Financial services providers and financial institutions are prime targets for hackers, and have also been targets of SEC scrutiny – the agency has recently brought actions against Morgan Stanley, Craig Scott Capital, and RT Jones for cybersecurity violations, even in the absence of a breach. How can firms in those industries ensure their cybersecurity programs are robust and mitigate risk? At a recent symposium held by the Hedge Fund Association, panelists with various cybersecurity perspectives and expertise shared their insight on preparedness, incident response plans, vendor management, cyber insurance (including recommendations for carriers) and whether to use cloud services. See also our two-part series on how the financial services sector can meet the cybersecurity challenge: “A Snapshot of the Regulatory Landscape (Part One of Two)” (Dec. 9, 2015); “A Plan for Building a Cyber-Compliance Program (Part Two)” (Jan. 6, 2016).