Central, State, and Municipal Government Departments and Agencies are the targets of an accelerating and full range of cyber attacks. Adversaries include hackers/hacktivists, malicious insiders, nation-state actors, criminals and organized Central Government Department and Agencies are the targets of an accelerating and full range of cyber attacks. Adversaries include hackers/hacktivists, malicious insiders, nation-state actors, criminals, and organized crime and terrorists. Their tools range from bots and “copy from the web” scripts to sophisticated zero-day vulnerabilities. And their impact can be severely damaging both to agencies’ ability to operate and public confidence in government. This is a big challenge because of the huge volume of threats that agencies face on a daily basis and the scale of the potential consequences if successful. The scale of the data sets held by government, and their significance for adversaries, was illustrated by the theft of over 22 million federal employees’ background investigation records from the US Office for Public Management. Government information security leaders have to operate in a complex environment of numerous systems, aging infrastructure, skill shortages, and funding constraints. They are also required by law to keep data for long periods, in the case of Archives for hundreds of years.