The cyberspace operational domain is defined as a global domain within the information environment comprising the interdependent network of information technology infrastructures and resident data, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers.4 Thus, some experts argue that cyberspace is human-constructed and malleable. Moreover, the scope of this constantly shifting space is distinctive—state and non-state actors’ abilities to modify other operational domains cannot occur on the scale we are witnessing in cyberspace. Strategy must recognize that there is a qualitative difference between the capacity to modify terrain and the ability to create it whole cloth. The uniqueness of cyberspace is also reflected in the low cost of entry to this domain. Various actors can affect relative national power to operate in cyberspace that are orders of magnitude higher than the narrow club of great powers that operate with consequence in the land, air, maritime and space operational domains. Moreover, there is currently no internationally agreed upon concept of cyberspace sovereignty. This fact suggests a corollary—international relations (and nature) abhor vacuums. Consequently, cyber security strategy should assume that states and other significant actors continually are seeking to exert their influence in cyberspace through cyber operations, activities, and actions (OAAs). In addition, it is a domain in which all other operational domains and national instruments of power are enabled (if not dependent). And, given cyberspace’s interconnected nature, operations always involve contact, whether it is recognized or not. Furthermore, operations in cyberspace are unique because operators can manage attribution and design operations to generate a range of damage—reversible, temporary, or significant that is, nonetheless, short of internationally agreed upon definitions of use of force and armed attack. These characteristics should be appreciated in developing a strategy for cyberspace. Unfortunately, most of these characteristics are not considered when applying to cyberspace the strategic approach that has dominated U.S. policy— deterrence.