Protocol: What should the government be asking for in mandatory cyber incident reports, and how could that information be used most effectively?