Despite work by Congress to pass more than 50 laws to address cybersecurity, the federal government’s track record in securing its own information-technology systems is far from sterling. This could be seen most obviously in the hack of the Office of Personnel Management that compromised 21.5 million government records and in the 2015 hack of the Internal Revenue Service, which exposed the information of at least 724,000 taxpayers to bad actors.
In fact, there are a few dozen smaller cyber-attacks on the federal government each year, most of which go unnoticed by the public. These cases where the government failed to defend both itself and citizens who trusted their data would be secure continue to proliferate, even though the government spends roughly $75 billion on IT each year, much of it specifically dedicated to cybersecurity improvements. There’s little evidence the improvements are working. In 2015, many federal agencies lost points