With a relentless increase in cyber attacks against companies and their law firms, the list of issues that keep general counsel up at night has expanded to include what happens when protected attorney-client privileged information is compromised in a cybersecurity incident. In this guest article, Locke Lord partners Theodore P. Augustinos and Donald E. Frechette examine both the historical and modern-day judicial treatment of otherwise privileged internal communications that find their way to the world wide web as the result of a cyber attack, and offer a series of “best practices” to increase the chances that a court will maintain the privileged nature of the relevant communication. See also “After Capital One Ruling, How Will Companies Protect Forensic Reports?” (Jun. 10, 2020).