Larry Clinton is President of the Internet Security Alliance (ISA). He is the primary author of ISAs “Cyber Social Contract” which articulates a market-based approach to securing cyber space. In 2011, the House leadership GOP Task Force on cyber security embraced this approach. In 2012, President Obama abandoned his previous regulatory-based approach in favor of the ISA Social Contract model. The ISA document is the first and most often referenced source in the President’s, “The Cyber Space Policy Review.” He is also the primary author of the Cyber Security Handbook for corporate boards published by the National Association of Corporate Directors (NACD) in 2014. In 2015, Mr. Clinton was named one of the nation’s 100 most influential persons in the field of corporate governance by NACD. He has published widely on various cyber security topics, testifies regularly before Congress and other government agencies including the NATO Center for Cyber Excellence.
Since the publication of the first National Strategy to Secure Cyber Space in 2003 the US federal government has realized that due to the interconnected nature of the Internet, securing the system would require an industry-government partnership. However, defining exactly what that new partnership would look like and how it would operate has been unclear. The ramifications of this ambiguous strategy have been noted elsewhere including the 2011 JSS article “A Relationship on the Brink” which described the dysfunctional state of public private partnerships with respect to cyber security. Subsequently, a joint industry-government study of partnership programs has generated a consensus list of “best practices” for operating such programs successfully. Moreover, subsequent use of these principles seems to confirm their ability to enhance the partnership and hopefully helps ameliorate, to some degree, the growing cyber threat. This article provides a brief history of the evolution of public-private partnerships in cyber security, the joint study to assess them and the 12 best practices generated by that analysis.
Clinton, Larry. “Best Practices for Operating Government-Industry Partnerships in Cyber Security.” Journal of Strategic Security 8, no. 4 (2015): 53-68.
Available at: http://scholarcommons.usf.edu/jss/vol8/iss4/4