A strong cybersecurity program is an investment manager’s primary defense against cyber breaches and their resultant costs. As the frequency of large cyber breaches and the costs of responding to them increase, mitigating cybersecurity risks becomes paramount. A 2015 program sponsored by K&L Gates and the Investment Adviser Association (IAA) surveyed the cybersecurity threat environment and SEC cybersecurity initiatives; summarized the applicable laws and regulations that bear on cybersecurity; considered the multitude of cybersecurity risks faced by investment managers; and offered a number of strategies for mitigating those risks. The program was moderated by Mark C. Amorosi, partner at K&L Gates, and featured Jeffrey Bedser, CEO of iThreat Cyber Group; Laura L. Grossman, associate general counsel of the IAA; Andras P. Teleki, then-partner at K&L Gates; and E.J. Yerzak, then-vice president at Ascendant Compliance Management. This two-part series summarizes their insights. The first article outlines the panel’s thoughts on the costs of cyber breaches; applicable laws and regulations; and cyber threats. The second article discusses their views on mitigating cybersecurity risks. For discussions on how fund managers can learn from actual cyber attacks, see “Lessons for Fund Managers From the SEC’s First Identity Theft Red Flags Rule Settlement” (Nov. 15, 2018); “What Fund Managers Can Learn About Cyber-Breach Disclosure From Yahoo’s $35-Million SEC Settlement” (May 10, 2018); and “Steps Hedge Fund Managers Should Take to Defend Against the Rising Threat of Ransomware in the Wake of WannaCry” (Jun. 15, 2017).