A unified treaty approach to cyber security may prove elusive. The final solution, when it emerges, will be amorphous. In order to be inclusive and effective it will need to be an amalgamation of bilateral arrangements, multilateral treaties, and informal codes of conduct.