Private equity firms, like all businesses, are racing to defend against increasing attempts by organized criminal enterprises, individual hackers and state actors to steal confidential firm, investor and portfolio company data.  Continuously improving cybersecurity is a challenging business necessity today; it also raises serious legal concerns.  Regulators are watching.  The Securities and Exchange Commission has made clear that the failure to mitigate these cyberthreats through policies and procedures could be deemed a violation of the U.S. federal securities laws.