I think it's more about the nature of complex systems - politics, trolling aside, I would think the larger the internet facing infrastructure, the (exponentially) harder it is to secure....putting the need to service other organizations within that infrastructure, it's a commitment that folks are just coming around to - public and private.
My disappointment is not the government so much (as it relates to this topic anyway), but rather the firms that are supposedly securing them. My experience has been that the guiding philosophy with these guys is a) bill as much as you can, without pissing the customer off b) template your approach, creative thinking is risky and c) make your customer just slightly more secure that the next target.
This is a generalization, to be sure - but until you have smart people with the skills with the mindset that they need to evolve quick than the threats out there - it's just going to mean more negative publicity as well as more money for substandard contractors.
Just my two cents.