Interesting blog authored by Bart Huffman and Charles Salmon of Locke Lord LLP (see here) discusses some legal issues generated by cyber-security incidents. The blog specifically deals with the issue of whether non-public written records concerning the breach (e.g. minutes of meetings, communications among the response team, etc.) may be privileged or protected under the work product doctrine.
For more information, Francesca Giannoni-Crystal