Conceptualizations of cyberspace security can be divided into two related dimensions, articulated as “risks”: risks to the physical realm of computer and communication technologies (risks to cyberspace); and risks that arise from cyberspace and are facilitated or generated by its technologies, but do not directly target the infrastructures per se (risks through cyberspace). There is robust international consensus, growing communities of practice, and an emerging normative regime around risks to cyberspace. This is less the case when it comes to risks through cyberspace. While states do collaborate around some policy areas, cooperation declines as the object of risk becomes politically contestable and where national interests vary widely. These include the nature of political opposition and the right to dissent or protest, minority rights and independence movements, religious belief, cultural values, or historical claims. The contrast between the domains has led to contradictory tendencies and paradoxical outcomes.