WASHINGTON—Federal regulators are considering a requirement that publicly traded companies disclose data breaches and other significant cybersecurity incidents within four days, as they seek to strengthen financial markets’ resilience to online attacks.
The Securities and Exchange Commission proposed a rule Wednesday that would impose mandatory reporting for companies around cybersecurity. Commissioners voted 3-1 to issue the proposal, which could be completed after the agency receives and analyzes feedback from the public.
