Introduction -- Software vulnerabilities -- (Mis)management : Failing to defend against technical attacks -- A mandatory reporting proposal -- Outsourcing security -- The internet of things -- Human vulnerabilities -- Seeing the forest : An overview of policy proposals.
Summary:
"The wave of data breaches raises two pressing questions : Why don't we defend our networks better? And, what practical incentives can we create to improve our defenses? Why Don't We Defend Better? : Data Breaches, Risk Management, and Public Policy answers those questions. It distinguishes three technical sources of data breaches corresponding to three types of vulnerabilities: software, human, and network. It discusses two risk management goals: business and consumer. The authors propose mandatory anonymous reporting of information as an essential step toward better defense, as well as a general reporting requirement. They also provide a systematic overview of data breach defense, combining technological and public policy considerations"-- Provided by publisher.
This resource is supported by the Institute of Museum and Library Services under the provisions of the Library Services and Technology Act as administered by State Library of Iowa.