In today’s business and legal environment, corporate counsel plays a critical role when their company experiences a data security incident. General Counsels (GC) can no longer profess ignorance on “tech stuff” and pass the buck to Information Technology (IT). The frequency, sophistication, and severity of cybercrimes continues to increase. Every enterprise possesses sensitive information. When that information is compromised the door opens to a range of liability issues. Note I wrote “when” and not “if.” Former FBI Director Mueller famously said that, “there are only two types of companies: those that have been hacked and those that will be.” Yet many in-house counsel remain unprepared. Like a Little Leaguer stuck deep in right field, counsel knows they must catch the next data security incident that comes their way, but hope nothing happens. The best advice? Don’t fret about having to make the big play; prepare and plan your response ahead of time for when the ball comes your way. No one expects a GC to take over the IT department, collect forensic images, extract malware samples from memory, or solve the cyber crime. You will, however, be expected to know the proper steps to take in the event of a compromise, how to find the best help possible, and what pitfalls to avoid. This paper offers practical strategies to better prepare in-house counsel for a data security incident.