Providing cybersecurity adequate to meet increasing threats is a perpetual catch-up process. Public sector agencies are particularly sensitive targets, with high visibility not only to the citizens they serve, but also to cyberattackers. Despite the emphasis on cyberprotection spurred by the major OPM breach in 2015, government agencies have struggled to maintain adequate levels of protection. A recent survey uncovered both a lack of speed in detecting and responding to attacks, and weak defenses of the full range of possible attack channels.