We'd imagine the recent data breach at TJX, which jeopardized the personal data of thousands of credit card holders, caused many companies to double or at least refocus their compliance efforts with regard to regulations like Sarbanes-Oxley, the Health Insurance Portability and Accountability Act and -- more specifically -- the PCI Data Security Standard.
However, as this Dark Reading piece points out, compliance with the PCI DSS won't be enough to protect many businesses from disasters like the TJX debacle. PCI compliance, after all, doesn't ensure that data breaches will be detected in a timely manner. So even though PCI and Sarbox compliance are good places to start, that's all they are when it comes to data breaches.
To avoid being "the next TJX on the block," the writer recommends taking such steps as keeping sensitive data in one place with virtualization, going the proverbial "second mile" with PCI compliance requirements, archiving your audit data for five years, and clearing endpoints of sensitive data after each SSL session.