What a company should prioritise after a data breach