PE sponsors have become savvy over the years about the importance of robust cybersecurity practices at both their own firms and in the portfolio companies acquired by their respective funds. Although sponsors often justifiably focus first on ensuring technology is fortified, there are many low-technology practices that can be adopted (e.g., educating management, framing cybersecurity as a value creator, etc.) that can also meaningfully bolster cybersecurity programs. To discuss cyber and data protection for PE firms and portfolio companies, as well as from an investor perspective, SS&C Intralinks (SS&C) recently sponsored a panel that was moderated by SS&C principal solutions consultant Paul Loefstedt. The speakers included Thomas Baasnes, a cybersecurity director at Verdane; Julia Dudenko the chief information security officer (CISO) at Haniel; Nigel Diesveld, the CFO and chief risk officer at HPE Growth; and Paul Harragan the global cybersecurity lead (portfolio CISO) at KKR. This first article in a two-part series identifies key cybersecurity measures and incident response efforts that can help firms secure fund data and stay ahead of emerging cyber threats. The second article will offer suggestions for addressing cybersecurity during the deal process and post-acquisition, as well as tips on changing perspectives and insurance. See “Ten Cybersecurity Resolutions for 2024” (Jan. 25, 2024).