Cybersecurity is chaos. No, not random chaos where there are no rules, but deterministic chaos, described by mathematician Edward Lorenz as, "When the present determines the future, but the approximate present does not approximately determine the future." If we consider ourselves experts, why do we continue to be surprised by new types of attacks and intrusions? Why do we have such a hard time protecting ourselves and our clients? Can the cyber security problem ever be "solved"? In this presentation, we'll look at the complexities of the man-made domain called cyberspace, and evaluate why securing cyberspace absolutely is not possible. Nevertheless, we can make significant progress by marrying preparation and prevention with detection, resulting in an adaptive security model that will allow us to reduce the impact of future adversaries. Finally, we'll explore whether the best defense really is having the best offense, and if so, how can we avoid a digital arms race that may escalate beyond our control?