After reading The “Short Arm” of Predictive Knowledge I believe it highlights a key problem in cyber policy. It seems we are much better at creating powerful technologies than we are at predicting their long term consequences. Because of this, cyber policy shouldn’t rely too heavily on trying to forecast accurately. Instead, it should focus on managing uncertainty. One important approach is shifting from prediction to precaution. Rather than trying to guess exactly what will happen, policymakers should assume that unintended consequences are likely and design systems to minimize harm. This could include stricter security by design standards, continuous risk assessment, and limiting the scale of potentially dangerous technologies until they are better understood.