Perhaps where the Cold War parallels fall short the most is the idea that building up offensive capabilities will deliver deterrence. This is a constant refrain: not just the need to build up U.S. cyber offense, but the need to make sure others know the United States has those capabilities.He argues instead for efforts to set international norms for cyber behavior, build diverse capabilities, and strive for resilience in case of attacks.
I think there's also a parallel with "nonlethal weapons," the 1990s push for capabilities that would reduce civilian casualties when America intervened abroad. The best ones were turned over to the special operations community because knowledge of the capability would lead to a loss of surprise and countermeasures. Many cyber tools are only good once. Exploiting a zero-day flaw exposes it and leads to fixes. So we have to keep our electronic "powder" dry as long as possible.