The growing threat of cyber attacks within the hedge fund community requires managers to develop and implement policies and procedures that address the cybersecurity risks unique to their firms.  The SEC continues to focus on cybersecurity issues, requiring hedge fund managers to increase their diligence with respect to cybersecurity compliance and ensure plans are in place to respond to cyber attacks.  See “SEC Guidance Update Suggests a Three-Step Framework for Investment Manager Cybersecurity Programs,” Hedge Fund Law Report, Vol. 8, No. 18 (May 7, 2015); and “Benchmarking and Best Practices for Hedge Fund Manager Cybersecurity,” Hedge Fund Law Report, Vol. 8, No. 5 (Feb. 5, 2015).  Policies and procedures should allow employees to respond quickly to cyber attacks, and once those plans are in place, employee education and training are needed to establish a robust cybersecurity plan.  During a panel at the recent RCA Enforcement, Compliance & Operations Symposium, speakers outlined the SEC’s expectations in relation to cybersecurity, key elements of developing a robust cybersecurity plan and responses to cyber attacks.  This article highlights the salient points made during that panel.