"And [federal] employees are to blame for at least half of the problems."Specifically, not because the employees are the hackers, but because
"They have clicked links in bogus phishing emails, opened malware-laden websites and been tricked by scammers into sharing information."This is counterproductive. It blames end users for problems that the security community should be taking accountability for.