The UK government's approach to IT security has been roundly criticised by spending watchdog the National Audit Office (NAO).
The NAO report, entitled Protecting Information Across Government, highlighted a fragmented approach to IT security across government bodies.
"None of the departments we interviewed understood the specific roles of the various bodies involved, making it difficult to identify any single arbiter of standards or guidance," the report said.
"[There are] too many bodies with overlapping responsibilities operating in the centre of government, confusing departments about where to go for advice."
The situation has been made worse by the increasing encroachment by central government on departments and institutions that traditionally looked after their own security, according to the NAO.
This has blurred the boundaries and caused confusion over where the responsibility for security lies.
There is also a general lack of information sharing between departments, and the Cabinet Office has failed to collect and analyse data on the government's performance in protecting information, the report said.
This means that the government has "little visibility of information risks in departments and limited oversight of the progress departments are making to better protect their information".
"The Cabinet Office does not provide a single set of governance standards for departments to follow, and does not collate or act on identified weaknesses," the NAO said.
The report acknowledged that measures are being taken to improve the situation, for example with the creation of the National Cyber Security Centre which will pull together much of the government's cyber security expertise, but warned that wider reforms are necessary.
"The Cabinet Office is taking action to improve its support for departments, but needs to set out how this will be delivered in practice," the report said.
"To reach a point where it is clearly and effectively coordinating activity across government, the Cabinet Office must further streamline the roles and responsibilities of the organisations involved, deliver its own centrally managed projects cost-effectively, and clearly communicate how its various policy, principles and guidance documents can be of most use to departments."
A Cabinet Office spokesperson told the BBC in response to the findings: "The Cabinet Office conducted its own review of government security in early 2016 and many of our findings are consistent with the NAO report.
"So we are already well under way in strengthening oversight of information security by bringing together nine separate central teams into just two.
"We have also appointed the government's first chief security officer to bring together all disciplines of government security under central leadership."
The NAO noted in a report in 2014 that the government was struggling to demonstrate a clear link between the large number of individual projects being delivered as part of the National Cyber Security Programme. It would appear that not much has changed since then.
Flagship device also supports firm's modular MotoMod add-ons
Comes just week after firm announced plans to bin the service
Details of a trio of Intel Coffee Lake CPUs leaked
Ding-dong Adobe Flash is dead