Cyberterrorism, while being written about since the early 2000s, is still not fully understood as a strategic concept and whether such actions can be deterred is hotly contested. Some strategists and policy makers believe that acts of cyberterrorism, especially by non-state actors, may prove to be undeterrable. Yet the leadership of both state and non-state actors tend to act rationally and function strategically, and therefore they can, in fact, be deterred to some degree. Helping to shape the legitimate options following a significant cyberattack, the Law of Armed Conflict has salient considerations for the deterrence of cyberterrorism, particularly the principles of military necessity and lawful targeting. Furthermore, when considered holistically and using all available means, deterrence combined with dissuasion activities can lessen the likelihood of cyberterrorism, while mitigating any consequences should such a cyberattack actually occur.