This article delineates how the Model Rules of Professional Conduct and the New Hampshire Rules of Professional Conduct ethically require attorneys to take reasonable steps to assess and implement cybersecurity controls to safeguard client information.