b'Organizations must develop a "defensible response" to data breaches and fraud incidents because of the likelihood of a regulatory investigation or legal action, says attorney Kim Peretti, a former Department of Justice cybercrime prosecutor.'