The SEC's new director of corporate finance says it's time for a refresh of the Breach Disclosure timeline.
This follows the Equifax breach social media firestorm and cybersecurity lessons that not all breaches notifications are created equal.
It's not clear exactly how breach disclosure requirements will be refreshed, but Bank Information Security has a nice write up about it.
"All publicly traded companies in the United States need to review how they internally disseminate information about potential breaches and when senior managers get informed about suspected intrusions, as well as ensure that correct controls and practices are in place for preventing insider trading. In addition, these companies should expect to see revised guidance about what they need to tell investors - and when - after they suffer a suspected intrusion"