"Standing at the center of this debate on how much security is enough are agency chief information security officers, who report to chief information officers." Join the debate. Do you think if the government use Linux machines and tools more it would help their security problems? I might come down to ease of use vs security.
Security measures are restrictive by definition and Federal Agencies can only implement so many of them before the backlash sets in. Many times, after being over-regulated, employees will simply find a route around the security precautions, eliminating the measures' function and even making data theft or loss easier.
