Weak service provider cybersecurity practices pose material risks to private fund managers. As connectivity grows, managers run the risk that data entrusted to vendors could be compromised, or that the manager’s own system may be breached through one of its vendors. Consequently, it is critical to understand and manage the risks posed by vendors. A 2017 program presented by Advise Technologies (now Compliance Solutions Strategies) discussed ways to assess vendor risk; best practices for managing vendors; uses of due diligence questionnaires; and common errors in vendor management. Advise’s chief regulatory attorney and managing director, Jeanette Turner, moderated the discussion, which featured Jason Elmer, then-managing director at Duff & Phelps, and Aaron K. Tantleff, partner at Foley & Lardner. This article summarizes their insights. For other commentary from Turner, see “A Roadmap of Potential Landmines for Fund Managers to Avoid When Completing the Revised Form ADV” (May 25, 2017). See also “Surveys Show Cyber Risk Remains High for Investment Advisers and Other Financial Services Firms Despite Preventative Measures” (Jul. 20, 2017); and “Study Reveals Weaknesses in Asset Managers’ Third-Party and Vendor Risk Management Programs” (Mar. 9, 2017).