1st Edition

Why Don't We Defend Better?
Data Breaches, Risk Management, and Public Policy

ISBN 9780367787912
Published March 31, 2021 by CRC Press
118 Pages

USD $22.95

Prices & shipping based on shipping country


Book Description

The wave of data breaches raises two pressing questions: Why don’t we defend our networks better? And, what practical incentives can we create to improve our defenses? Why Don't We Defend Better?: Data Breaches, Risk Management, and Public Policy answers those questions. It distinguishes three technical sources of data breaches corresponding to three types of vulnerabilities: software, human, and network. It discusses two risk management goals: business and consumer. The authors propose mandatory anonymous reporting of information as an essential step toward better defense, as well as a general reporting requirement. They also provide a systematic overview of data breach defense, combining technological and public policy considerations.


  • Explains why data breach defense is currently often ineffective

  • Shows how to respond to the increasing frequency of data breaches

  • Combines the issues of technology, business and risk management, and legal liability

  • Discusses the different issues faced by large versus small and medium-sized businesses (SMBs)

  • Provides a practical framework in which public policy issues about data breaches can be effectively addressed

Table of Contents

1 Introduction

2 Software Vulnerabilities

3 (Mis)management: Failing to Defend against Technical Attacks

4 A Mandatory Reporting Proposal

5 Outsourcing Security

6 The Internet of Things

7 Human Vulnerabilities

8 Seeing the Forest: An Overview of Policy Proposals

View More



Robert H. Sloan, PhD, is a Professor and Head of the Department of Computer Science at the University of Illinois, Chicago.

Richard Warner, PhD, is a Professor Norman and Edna Freehling Scholar at Chicago-Kent College of Law in Illinois.