The United States and Canada are interdependent across many dimensions, including the two nations’ reliance on shared critical infrastructure. As a result, regulatory efforts aimed at securing critical infrastructure in one nation impact the other, including in the cybersecurity context. This chapter analyzes the U.S. and Canadian cybersecurity strategies, including their treatment of so-called offensive cyber operations, along with relevant national doctrines pertaining to active defense, and self-defense. The concept is interpreted broadly to include relevant strategies, and where necessary, policy statements, manuals, and legislation of each nation to better inform conclusions. Particular attention is also paid to the role of international law and emerging cyber norms in guiding State practice pertaining to cyber operations in both the United States and Canada.