Despite the growing literature on cyber security, most studies have sidestepped important questions of how conflict escalates in the cyber domain. To better understand this dynamic, we advance two main theoretical pathways of escalation, one in which actors respond with increasing intensity based on the effect of an attack, irrespective of how it is conducted (through cyber, conventional, or nuclear) and another in which the means of attack determines the actor’s willingness to escalate. We then test those effects- and means-based pathways with an original experiment that probes support for escalation, focusing on the American public, a key actor in debates about nuclear escalation and deterrence. Our study suggests that cyberattacks create a threshold that restrains the escalation of conflict. Americans are less likely to support retaliation with force when the scenario involves a cyberattack even when they perceive the magnitude of attacks across domains to be comparable. Our findings provide support for cyber strategies based on assumptions of cyber thresholds, while also casting doubt on the credibility of cyber deterrence by punishment. More broadly, our research suggests effects-based theories of escalation may not help understand the impact of emerging technologies on strategic stability.