01520nas a2200205   4500000000100000000000100001008004100002260000900043653001600052653001500068653001700083653001800100653001500118653001400133100001900147245005500166300001000221490000700231520107600238       2019                            d  c201810aattribution10acompliance10acyber domain10aCybersecurity10aDeterrence10atolerance1 aMika Kerttunen00aBeyond Punishment: Deterrence in the Digital Realm  a61-680 v183 a<p>Deterrence theory has since its inception justified the build-up and maintenance of weapons arsenals assumingly guaranteeing our survival. However, we do not know whether deterrence theory works in practice: major wars may have been avoided for many other reasons than fear of punishment or (other) high costs. Skepticism towards cyber deterrence is used to justify unilateral, punitive, even preventive, pre-emptive, or continuous action against assumed adversaries. Nuclear weapons-centric deterrence, stressing the avoidance of reckless state behavior, could be improved to face the contemporary, technology-infused realities, where zero-tolerance of error or incidents, vital in the nuclear realm, is not realistic. As a result, we have come to accept or denounce cyber operations based on their targets and effects. As a contribution to achieving responsible state behavior in cyberspace, the author suggests utilizing cost calculation, the underlying assumption of deterrence theory, to the fullest: to include the promise of rewards in our policy options.</p>