Unintended damage to non-military targets is typically straightforward to characterize and weigh against anticipated benefits because of well-established definitions, technical assessments, and legal conventions. In a kinetic military context, collateral damage occurs when a hostile action causes physical or property damage to a civilian target. However, collateral effects caused by cyber operations lack formal recognition when they are limited to electronic data, information technology and computing systems, whether caused by conventional military operations, or the result of law enforcement, or private sector operations. Even though there may be tangible consequences stemming from the loss or destruction of data, conventional norms are ill equipped to formally recognize them. Uniquely in the cybersecurity context, tactical operations may have broad systemic “collateral” effects on other important policy priorities that must be accounted for. In short, we lack a clear conceptual vocabulary for cyber operations for both the military operations, as well as for non-military operations, where many cyber activities occur.