US regulators seek to tighten cyber incident reporting