Research conducted by the National Security Agency (NSA), in conjunction with the Department of Defense, FBI, Department of State, local law enforcement, civilian security agencies, and large security providers such as Mandiant and McAfee have shown that government and industry alike suffer from poor security practices. The result of the research, published by the Center for Strategic and International Studies at the request of Congress, led to the establishment of the Top 20 Critical Security Controls for government and private networks alike. Indeed, the NSA recommended security practices conjoin many top traditional security practices already codified in leading professional security standards such as National Institute of Standards and Technology (NIST) 800-53. The alarming aspect of the study is that while competent security standards for protecting America’s networks and systems had already been developed, the standards have been poorly implemented across the country.