A member of the Securities and Exchange Commission (SEC) believes the agency should mull over whether to require public companies and investment advisers to perform the same kind of reporting, preparation, and planning for cyber incidents that the Financial Industry Regulatory Authority (FINRA) requires of registered broker-dealers.
