As the scale, sophistication and prevalence of ransomware attacks continue to grow and affect organizations of all shapes and sizes, it is increasingly important for PE sponsors to prepare for an inevitable attack and understand any compliance obligations that may arise from the incident. Those issues were addressed in a recent Arnold & Porter roundtable moderated by Arnold & Porter partner Ronald D. Lee and featuring Aaron Sherman, director of incident response at Coveware, Inc.; Dan Raymond, former focus group leader on breach response and information security products at Beazley Group; as well as Arnold & Porter attorneys Marcus A. Asner, Kenneth L. Chernof and Tal R. Machnes. This first article in a two-part series outlines initial action steps fund managers should take upon being targeted in a ransomware attack; tips for deciding whether to work with law enforcement and pay the ransom; and measures for preserving attorney-client privilege when responding to the incident. The second article will identify mandatory reporting requirements; litigation and enforcement risks arising from ransomware attacks; protective measures to take before an attack; and important compliance considerations. For additional insights from Arnold & Porter, see our two-part series on an SEC risk alert: “Why the SEC Distinguishes ESG From Other Strategies and How to Prepare for a Potential Exam” (Jun. 8, 2021); and “Inadequate Controls, Policies and Procedures Concern SEC About ESG Practices Inconsistent With Disclosures” (Jun. 15, 2021).