Just got a book, "Cyberspies: The Secret History of Surveillance, Hacking, and Digital Espionage". AMAZING stuff. Page one gets right down to business... tells the story of how, minutes after Germany and England went to war in August 1914, a telegram arrived to the commander of a British ship in Dover. That telegram ordered him to sail out into the English Channel and then start cutting Germany's telegraph lines.
Keeping in mind that the prefix "cyber-" deals with information technology, those telegraph lines were the equivalent of modern-day OC128 lines. And, over 100 years ago, the first act of war was to attack an enemy's ability to communicate.
Cybersecurity is NOT like defending against an army. It's like doing police work and counter-intelligence. Think along those lines, and you can have a much better idea of what's necessary to defend against cyberattackers.
PS- I still don't like the prefix "cyber-", but it's what we have to use in order to explain things to non-technical people.