This document outlines key terminology and concepts regarding cybersecurity including fragmentation of approaches, notification of incidents, and data localization. It discusses both "don'ts" and "dos" for cybersecurity policy. For "don'ts", it warns against using security standards to limit market access or civil liberties and advocates balancing security with trade and innovation. For "dos", it suggests focusing on critical systems, public agencies, coordination, planning, private sector engagement, research, and participation in international cooperation.