It's the old "convenience or security" dilemma, you lose on one side to gain on the other. There's no way around it. But choice still exists.
I expect that it would be ruled by a MAD-like reasoning: between states at least, "you attack my systems, you get attacked in turn". Theoretically, "cyberwar" makes a very good threat, but for practical purposes the fallout of any large-scale attack would be too dangerous for rational governments to start it. But the weight of the threat would still hang upon the governments of the more exposed countries, and still allow some leverage.
Threatening critical infrastructure of a country for political leverage is nothing new. The most famous "recent" example was Eisenhower's threat of collapsing the pound and with it the favored world position of the UK's financial system during the Suez crisis. This is really just a new version of that kind of "soft" power.