Forty-four percent of federal information technology leaders surveyed by Vormetric said talent shortage prevents their agencies from adopting modern data protection tools and 43 percent cited budgetary issues as a data security barrier.

Vormetric said Thursday it collaborated with 451 Research to poll more than 100 senior security executives in the federal government about IT security challenges that their agencies face.

One out of five respondents reported encountering a breach at their agencies over the past year.

Ninety percent of federal IT executives said they believe their organizations are vulnerable to data security threats and 76 percent pointed to cyber criminals as their agencies’ top external threat actor, while 64 percent identified privileged users as key internal threat actor.

The report indicated concerns remain that adoption of cloud computing, Internet of Things and big data technologies may affect security of government data.

“More attention must be paid to techniques that protect critical information even when peripheral security has failed, and data-at-rest security controls such as encryption, access control, tokenization and monitoring of data access patterns are some of the best ways to achieve this,” said Tina Stewart, vice president of marketing at Vormetric.

Fifty-eight percent of respondents plan to increase spending on programs to secure sensitive information at their agencies and 48 percent look to adopt private-sector data security strategies.

The Government Accountability Office has said the Internal Revenue Service‘s computer systems are still susceptible to threats despite the IRS’ progress in information security controls.

GAO said in a report posted Monday the tax collection agency needs to address system issues such as unpatched and outdated software and deficiencies in password settings, access restriction, sensitive user data encryption and system monitoring.

The IRS said it addressed 28 previous recommendations, but GAO said nine of those were not properly implemented.

GAO recommended for IRS to take two additional measures: resolve newly discovered vulnerabilities and implement its information security program, which entails policy updates and testing methods.

Auditors at GAO previously examined IRS financial statements for fiscal years 2014 and 2015 and found problems within the financial reporting infrastructure’s information security, audit trails and password management, ExecutiveGov reported November 2015.

Terry Halvorsen, chief information officer at the Defense Department, has said DoD will work to update its networks, improve its cybersecurity posture and attract and retain information technology professionals in 2017, DoD News reported Wednesday.

Cheryl Pellerin writes Halvorsen gave the remarks Tuesday during his testimony before the House Armed Services Committee’s emerging threats and capabilities subpanel on DoD’s fiscal 2017 budget request of $38.2 billion for IT and cyber programs.

Halvorsen, an inductee into Executive Mosaic’s Wash100 for 2016, said that his office plans to leverage mobile data access and cloud platforms, consolidate data centers and improve collaboration with the commercial sector in order to attract IT professionals and promote innovation.

He also mentioned that the Pentagon will also prioritize the deployment of the Joint Regional Security Stacks for the Joint Information Environment.

“JRSS provides the baseline for a more-coherent, singular security architecture for DoD’s cyber defenders,” he said at the hearing.

The department will also work to field the Mission Partner Environment–Information System in an effort to facilitate data sharing between combatant commanders and mission partners as well as improve human accountability through the implementation of provisions in the Cybersecurity Discipline Implementation Plan, Halvorsen added.