Innovation is critical to improvements within our society and is a key component in the cyber domain. The exponential growth of the internet means that the tools for operating in cyberspace are constantly evolving. It has often been said, however, that the only innovation taking place in cyber warfare is in offensive cyber operations. So where is the innovation in defensive cyber operations? In order to defend the core of cyberspace against malicious actors, is there sufficient defensive innovation taking place? And if such innovation is indeed happening, why does it seem as though the attacker always seems to be at least one step ahead of the defender? To address these complex concerns, this presentation starts with an examination of four distinct types of innovation—breakthrough, disruptive, incremental, and sustaining. Sustaining and incremental innovations tend to generate improvements within existing systems, but they usually originate as a reactive response to market needs and produce improvements based upon easily recognizable needs. Breakthrough and disruptive innovations, on the other hand, target new and underserved markets in their design and tend to be more proactive in shaping their environment in oftentimes unforeseen and drastic ways. Through the understanding that clear distinctions exist within what we term “innovation,” we are then able to comprehend that gaining an upper hand against cyberattacks requires that we determine the type of innovation our adversaries are developing and employing. Only then will we be able to grasp why our current system for cyber defense may be failing and, more importantly, advance the right defensive innovations that will prevail in this rapidly changing domain.