How would you approach a security incident involving a data breach, including stakeholder communication?