The Hedge Fund Standards Board has published its findings from its first table top cyber-attack simulation for hedge fund managers in London.  The aim of the simulation was to explore the response of hedge fund managers to three scenarios: (i) data theft and leakage of sensitive data; (ii) financial infrastructure attack; and (iii) crypto-ransomware. The findings include the following: (i) confusion over responsibilities can prevent an effective response; cyber security should not be considered as just an IT issue, given the legal, compliance, investor relations and reputational issues involved; (ii) certain types of cyber attacks may exceed a manager’s internal response capabilities and they should be prepared to quickly obtain external legal and IT expertise; and (iii) the importance of preparing a cyber-security incident response plan in advance.