While cyberwar is gaining recognition as a ‘fifth battlefield’, policy makers and the general public have insufficient knowledge about the legal and strategic implications of this development. This policy brief critically examines some of the legal and strategic challenges that arise with respect to the development of effective international and national strategies to prevent, regulate, and resolve cyberwar. To provide critical information about the role of law in the govern-ance of cyberwar, it is necessary to unpack the mutually constitutive relationship between the law, empirical developments on the ground, and the cyberwar discourse. There is a strong current push by military, political, and commercial actors to shift cyber security issues into the domain of warfare. The militarization of cyberspace calls for a concerted effort to promote a ‘cyber peace’ agenda. Moreover, while clarity about the application of the law of armed conflict (LOAC) is important, LOAC only offers a framework for addressing a small part of the cyber security challenge. More attention should be given to the lack of critical information infrastructure protection (CIIP) and the inadequate coordination of domestic legal regimes.