In “Deterrence and Dissuasion in Cyberspace,” Joseph Nye reveals the difficulties in applying deterrence to cyberspace by extending the concept from its hard core of retaliatory dynamics and threat of denial to include entanglement (interdependence by another name) and norms.1 This extension of concept still leaves Nye apparently dissatisfied: he concludes that deterrence in the Cold War was not as good as scholars and policymakers think it was, so perhaps they are holding cyber deterrence to an illusionary standard. Essentially, Nye suggests that both scholars and policymakers should cut cyber deterrence a break.
The management of cyber aggression does indeed need a break: a sharp break away from deterrence-centric thinking. Nye's piece illustrates how we are facing a degenerative program moment or the friction one expects on the edge of a paradigm's need to shift.2 The evidence from real-world security dynamics suggests that deterrence is the wrong framework...