The aim of this paper is to have a set of real-case practices which have practical value in building a credible deterrence posture in cyberspace. The application of deterrence theory in cyberspace is focused on how to establish a deterrence posture, what steps should be taken in this process, what practices should be followed and what kinds of effects each one of those practices would have. The introduction of the concept of cyber deterrence has produced substantial knowledge about the definition of deterrence in cyberspace and its methods. However; as Karl Popper and his theory ‘empirical falsification’ suggests: ‘…the criterion of the scientific status of a theory is its falsifiability, or refutability, or testability.’ (Popper, 1963)
In other words, a claim supported by thousands of positive examples of its benefit is not universally true, and just giving a single counter-proof is sufficient to prove that the claim is not true. Hence, this paper discusses if it is possible to develop a credible deterrence in cyberspace by examining the past cases in which the deterrence efforts have failed. It then objectively analyses and filters out the methods that contributed to those failures, reaching a refined subset.