Today, ensuring security in cyberspace is a top priority of national security policy for most states. States’ approaches to cybersecurity can be divided into two categories: those that regard cybersecurity as a civilian task; and those that involve their militaries in creating or implementing cybersecurity policies. Those states that have incorporated cyberwarfare into their military planning and organization perceive cyberattacks as a threat to their national security, while states that charge their civilian agencies with domestic cybersecurity missions classify cyber intrusions as security risks for only particular sectors. Adopting the framework of securitization theory, this article theorizes both civil and military approaches to cybersecurity and threat perceptions and their sources. The theoretical framework is then applied to a study of the cybersecurity policies of Central European countries and the Baltic States.