When an organization faces a cybersecurity incident, taking appropriate steps to preserve privilege is critical. Courts are applying the privilege more narrowly and may require a company to disclose documents in litigation that the business believed were confidential. To protect communications and work product, organizations must demonstrate that their purpose was for legal advice or made in anticipation of litigation, not ordinary business reasons. Here are eight key actions organizations should take to preserve the privilege during a cyber incident, including retaining third parties and limiting distribution of protected information.”]