A breach at the White House, plus others involving a university, hotel and health system are among the most recent to make headlines. And amidst the weekly litany of data loss reports and cybersecurity incidents, experts are weighing in with what organizations should be doing to keep their data—and their customers—safe.

First off, the breach news.

Senate Commerce Committee Chairman John Thune (R-SD) has given the White House until May 15 to provide information on a breach attributed to Russian hackers to the committee. "Just like any entity that handles personally-identifiable information, the White House has a responsibility to notify Americans if the recent, or any future breach, results in a compromise,” Thune said in a statement quoted by Reuters.

In Las Vegas, NV, the Hard Rock Hotel & Casino announced last week it discovered a malware attack on April 3 that “may have allowed hackers to steal credit card information used at its retail and service locations,” Business Insider reports. “The potential breach may have included names, credit card numbers and their CVV security codes but not PIN numbers or other sensitive customer information,” the report states.

The University of California Berkeley has sent out notifications following a breach involving approximately 550 individuals, including current and former students and parents. The university is offering free credit monitoring, Campus Technology reports.

The Associated Press reports Massachusetts-based not-for-profit Partners HealthCare is notifying approximately 3,300 patients about a breach after “its workers received phishing emails and provided information in response.”

With all those reports comes advice from experts—a study released by Experian Data Breach Resolution and the Ponemon Institute cautions that payment technology innovation is outpacing security, for example—and even some headlines about how companies are addressing their own data security in response to other organizations’ breaches.

Walmart, for example, has said it “learned several big lessons” from Target’s data breach in 2013, “including the need to continually test the security of its networks,” The Hill reports, while Computerworld looks at the Target breach to examine “realities of security.”

Walmart Chief Information Officer Karenann Terrell is quoted in The Hill report as saying, “Single points of failure anywhere can have really drastic effects, and the ability for an attack to go undetected for a period of time just exponentially increases the damage that can occur,” adding, “What we learned is we have to have white-hat testing capability on staff for continual testing.”

And CNet reports on recent firings as a result of data breaches, noting, “In ways that previous attacks on consumers never did, the firings have sparked a scramble for new security technology by companies desperate to head off the next costly, embarrassing cyberattack. And venture capitalists are responding, pouring unprecedented billions into a dizzying array of young companies and their, largely, untested products.”

Business2Community, meanwhile, offers advice for small businesses on point-of-sale systems following recent breach reports, and ITProPortal cautions, “While some companies are finally waking up to the growing threat of cyber crime, few organisations comprehend that only securing their outer defenses against attack is not sufficient.” The report suggests “people are the weakest link” and there is no “magic bullet” to stave off cyber threats.

Looking for tools, insights and guidance on how to respond to a breach? Check out this close-up in the IAPP Resource Center.