It seems not a week goes by that we don't hear about a data or security breach involving a major business or financial institution. Now, the federal government is taking one step to better catch and combat cybercrime in the financial sector. The FDIC is requiring banks to notify authorities of certain cyber breaches or hacks within 36 hours. The new rule comes as U.S. financial institutions are under increased threat of breaches by hostile foreign entities like Russia and China.

The FDIC rule is a good start, but far from foolproof, according to Matt Malone, cyber security expert with business consulting firm Vistrada. "The FDIC breach notification only applies to the time the breach was detected," he says. "So the breach could have happened for six months, and it's only when they detect it that they have to then start reporting."

Malone tells KTRH this type of cyber security needs to be applied beyond banks, as we've seen major hacks like the one that shut down a major U.S. oil pipeline last year. "It's not surprising that banking has their own regulations and they're first to market, because everybody wants to protect money," he says. "But in today's world, data is money...it's the same thing."

While banks are now under these new federal reporting rules, other industries and businesses are still operating under a patchwork system of cyber rules that vary from state to state and industry to industry. "It's still kind of the wild west out there when it comes to information security, and a lot of organizations are nervous about putting out info on breaches because of fears over bad publicity," says Malone.

"We have to kind of change our mindset and look at what the banks are doing, and look at doing things from a federal perspective," he continues. "It is critical that we have one (cyber security) standard that everybody meets."