Cyber attackers pose many threats to a wide range of targets. Russia, for example, was accused of hacking Democratic Party computers throughout the year and interfering with the U.S. presidential election. From 2005 to 2015, federal agencies reported a 1,300 percent jump in cybersecurity incidents. Clearly, we need better ways of addressing this broad category of threats. Some in the cybersecurity field are asking whether cyber deterrence might help. Cyber deterrence focuses on making potential adversaries think twice about attacking, forcing them to consider the costs of doing so, as well as the consequences that might come from a counter-attack. There are two main principles of deterrence. The first, denial, involves convincing would-be attackers that they won't succeed, at least without enormous effort and cost beyond what they are willing to invest. The second is punishment: Making sure the adversaries know there will be a strong response that might inflict more harm than they are willing to bear.