The purpose of this research project was to analyze the current state of data security practices in the financial services industry, particularly hedge funds. It investigated how firms are regulated as well as the effectiveness of the means of regulation. Finally, it recommended specific processes and procedures that hedge funds can put into practice to protect their critical information. This is an important area to research because the financial services industry makes up a large section of the global economy. Any distress this segment encounters due to security breaches could lead to systemic risk as well as the loss of confidence in capital markets. The study found that presently government regulations are not enough to protect the financial services sector and instill participant confidence. Furthermore, it determined that cyber readiness within the hedge fund industry differs by size of the fund and that smaller firms are not as far along in information security procedures as larger firms. The research concluded that although current government regulations are not proper to protect the hedge fund sector, a public/private partnership between regulators and industry groups could provide prescriptive solutions for improving data security. Finally, it concluded that individual firms need to put in place their own data security framework in order to protect the industry from large scale breaches as well as future costly governmental regulations.