Hardly a week goes by without a report about another cyberattack. With almost every major organization having been victim, including most government organizations, such as Equifax, Target, Sony, NSA, and the US Office of Personnel Management, you might ask: "Why are these problems not being fixed? Who is in charge here?" The answer is that nobody is in charge, and that is the secret of the Intenet's success. The governance structure of the Internet is bottom-up, not top-down. However, certain sorts of problems are hard to solve in a bottom-up governance regime. In this session we will discuss the history of Internet governance, different points of view about the future of Internet governance, and how different aspects of cyber-security depend on different actors for their solution. We will use a case study of a current security challenge to illustrate how problems get solved in a fluid space of governance organizations.