Information security has become interdependent, global and critical - it has become cybersecurity. In this complex environment, legal consideration and economic incentives are as integral to ensuring the security of information systems as the technological realization. In this paper, we argue that comprehensive cybersecurity requires that these three disciplines are considered together. To this end, we propose a legal analysis framework, which can can be used to study legal and economic requirements for cybersecurity in relation to technological realities. The framework yields concrete recommendations, which complex system and critical infrastructure stakeholders can utilize to improve security within their networks. The analysis framework aims to offer key stakeholders a better understanding of the legal and economic requirements for cybersecurity and provide them with recommendations that are in line with modern cybersecurity strategies, including the enhancement of cooperation and collaboration capabilities and the implementation of other state-of-the-art security mechanisms.