Cybersecurity is truly a bipartisan issue in Congress, but measures aimed at enhancing the protection of military IT systems fell victim to political squabbling over the repeal of the don't ask, don't tell policy on gays in the military.
Sensitive information maintained by three federal departments - Defense, Homeland Security and Health and Human Services - isn't fully safeguarded from the inquisitive eyes of government contractors, putting the data at risk of unauthorized disclosure or misuse.
"What we are trying to do in Michigan is to set the framework, which means that these cloud solution providers meet our requirements, not the other way around," says Ken Theis, director of the state Department of Technology, Management and Budget.
Despite efforts to tighten security to prevent such digital invasions, the military understands such breaches could still occur, which led Lynn to say the military must develop and train its cyber defenders to act in a degraded information environment.
People who customize software often don't know what they're doing, creating an environment where adversaries can exploit unintended vulnerabilities, says Robert Lentz, the longtime Defense chief information security officer.