sdenaro Computer security needs to be treated like an externality; including discussion of regulatory bodies and fines for negligence.