A strategy to defeat US adversaries in cyberspace is not the same as, nor sufficient for, securing cyberspace. US policy is on two potentially divergent paths: one that prioritizes the protection of American infrastructure through the pursuit of US cyber superiority, and one that seeks an open, secure cyber ecosystem. Defend Forward was a compelling and necessary shift in thinking, but it is just one of many policy tools available to implement the US cyber strategy. In the new National Cyber Strategy, policymakers and practitioners should heed the costly lessons of a generation of counterinsurgency and ensure that efforts to defeat adversaries in cyberspace do not displace efforts to secure it. In an article published by Foreign Affairs, National Cyber Director Chris Inglis and Harry Krejsa, assistant national cyber director for strategy and research, emphasized, “security is a prerequisite for prosperity in the physical world, and cyberspace is no different.”1 A revised national cyber strategy should: (1) enhance security in the face of a wider range of threats than just the most strategic adversaries, (2) better coordinate efforts toward protection and security with allies and partners, and (3) focus on bolstering the resilience of the cyber ecosystem, rather than merely reducing harm.