But the more significant "cyber" bills are the ones dealing with the security of the Internet. Since April 1, 2008, when Sens. Jay Rockefeller and Olympia Snowe introduced a particularly mammoth piece of cyber legislation, Congress has worked diligently in an effort to do something -- anything, really -- about hardening the nation's cyber-infrastructure.

Among the challenges they face is that it remains difficult to realistically prioritize when it comes to cyber vulnerabilities. The threats are definitely out there. But none of the most recent national catastrophes -- from Sept. 11 to Hurricane Katrina, the 2008 financial meltdown and the Gulf oil spill -- have been the work of a nefarious hacker gang. For now, at least, cyber threats remain largely the realm of worst-case scenarios.

This has not prevented legislators from identifying our very real cyber-security vulnerabilities as the next great catastrophe.

Take the most recent cyber-security bill introduced in early June by Sen. Joe Lieberman and co-sponsored by Sens. Susan Collins and Tom Carper. The bill calls for the establishment of a cyberspace policy office in the White House and a national cyber-security center. Neither of these are bad ideas. Thinking seriously about information policy, both at the national and international level, is important. Furthermore, having a civilian and, as importantly, non-DOD entity coordinating and contributing on information-security matters is desirable. We don't want the flow chart for network attack response always leading back to the Defense Department.

But the proposed legislation, much like Rockefeller-Snowe before it, also invokes as itsraison d'être the threat of a "national cyber emergency" -- that is, a worst-case scenario. There is nothing inherently wrong with this thinking. Although worst-case scenarios most often make for blockbuster films and bestselling novels, they also sometimes trigger creative strategic thinking.

Indeed, strategic theorists at war colleges and think tanks already spend time considering the merits of information warfare as a domain of conflict, alongside land, sea, air and space battlefields. Countries could, in the event of war, use digital means to attempt to crash out each other's infrastructure. As with strategic bombing in World War II, if two cyber-enabled nations do go to war, they likely will use electronic means as tools of warfare.

In many ways, a "cyber arms race" of sorts is already afoot. No nation on the planet was more impressed with the information capabilities displayed by the United States in its 1991 war with Iraq than China. In 1995, Chinese Maj. Gen. Wang Pufeng argued, "In the near future, information warfare will control the form and future of war." Heeding this warning, the People's Liberation Army has mobilized enormous resources aimed at developing the means to penetrate and damage the information systems of its competitors. Although far-reaching estimates of China's cyber attack capabilities are often drawn from scant publicly available information, it can be assumed that Beijing's cyber capabilities are growing in line with its traditional military arms.

What then of the other big player in information warfare, the United States? Standing up a joint operational Cyber Command run by a four-star general indicates the considerable investment on cyber warfare the Pentagon is making. Make no mistake, the U.S. military is building capabilities, ramping up new formations and hopefully writing a doctrine able to adapt to the realities of international conflict undertaken across computer networks.

But it's also important not to let military scenarios overshadow the real and existing problems facing cyber security. Our current conflicts in cyberspace are largely about theft: of ideas, data, intellectual property and other information. Security must be a design parameter for new pieces of computerized critical infrastructure, from the electrical smart grid to fully digitized health care records management. But we do not need to infuse the debate on information security with war rhetoric. Sen. Lieberman should work hard to sell his bill. But in declaring that the U.S., like China, must have the capacity to "disconnect parts of its Internet in a case of war," he risks polluting that debate. The United States need not emulate China in its efforts toward Internet security, as this will be in direct opposition to the Internet freedoms enjoyed here.

While developing global consensus on Internet freedom and stewardship for global information flows are highly desirable U.S. diplomatic goals, they will not translate to a greater level of assurance in information systems overnight. Electronic espionage and other cyber threats are at this point inevitable, whether conducted against the U.S. or practiced by it. That means that policymakers must address potential weaknesses and begin the process of hardening infrastructure, even if this leads to government wading into the activities of the private sector. In the United States, we generally accept that freedoms come with some requisite sacrifice. This will increasingly be the case with regard to Internet security. But by exaggerating the worst-case military threats at the expense of the already existing ones, we risk exacerbating those trade-offs.

**Chris Bronk is a fellow at the James A. Baker Institute for Public Affairs at Rice University, where he also teaches computer science. He studied Soviet military doctrine at Oxford University and is a former U.S. diplomat.