Front cover of "The Cybersecurity Social Contract: Implementing a Market-Based Model for Cybersecurity."If you had 30 minutes with the president to advise on cybersecurity, what would you say?

In 2015, we began asking our board members that question.

The result is The Cybersecurity Social Contract: Implementing a Market-Based Model for Cybersecurity. It’s a 400-page book with more than 100 recommendations we published in late 2016.

Most importantly, the recommendations are credible, because they were written by our board members: mostly chief information security officers on the front lines of cybersecurity. Defending networks is our members’ day job.

The recommendations are comprehensive, because the book’s analysis isn’t limited to the usual suspects of critical infrastructure, like defense, information technology, telecom, financial services and utilities. It also addresses unique threats felt within equally critical sectors such as manufacturing, healthcare and agriculture.

Collectively, the recommendations also have the backing of some of the most forward-looking thinkers in cybersecurity policy (see below).

Click on the menu bar left to read synopses of the contributions from representatives of 10 different vital sectors of the U.S. economy.

Praise for The Cybersecurity Social Contract: Implementing a Market-Based Model for Cybersecurity


“The Cybersecurity Social Contract is a comprehensive assessment of the state of cybersecurity and offers the administration and Congress a road map for sensible and practical progress dealing with urgent security issues.”

-Michael Chertoff, Executive Chairman and Cofounder, the Chertoff Group, former Secretary, Department of Homeland Security

“This well-researched and documented book is the most comprehensive work to date in addressing these issues. I strongly recommend the administration and the Congress adopt the recommendations of this work.”

-Admiral Mike McConnell (Retired), former Director of National Intelligence; former Director, National Security Agency

“The Cybersecurity Social Contract provides a thoughtful roadmap of recommendations that places risk management principles at the core of the next administration’s cybersecurity agenda.”

-Melissa Hathaway, President, Hathaway Global Strategies, former Director of the Joint Interagency Cyber Task Force

“What an accomplishment. The Internet Security Alliance continues to prove its thought leadership by laying out a practical framework that integrates technology, government policy and business economics.”

-Air Force General Charlie Croom (Retired), Senior Vice President and Director, Strategic Account Executives, Leidos

“The Cybersecurity Social Contract blends for the first time real world economics and politics of cybersecurity. This volume offers the incoming administration the best hope for making serious progress.”

-Pradeep Khosla, Chancellor, University of California-San Diego; former Dean, College of Engineering, Carnegie Mellon University

“The Cybersecurity Social Contract presents a comprehensive overview of why we have failed to get our arms around these issues—including privacy—and what the next administration needs to do to avoid catastrophe.”

-Art Coviello, Jr., Executive Chairman (Retired), RSA