U.S. cyber policy aims to secure both civilian and military networks from cyber threats. The policy has strengths in establishing guidelines for protecting critical infrastructure and coordinating defensive efforts across government agencies. However, the policy could be improved by more clearly defining international norms of behavior in cyberspace and implementing a long-term strategy for deterring sophisticated state actors.