The U.S. government will work with private vendors to address those supply-chain concerns, he says. DHS is also looking at implementing stricter acquisition rules for tech products.

There have been examples of credit-card point-of-sale machines stealing credit card numbers and passwords, Hathaway notes. "We need to be more concerned about backdoors in the supply chain," she says.

Another major concern is the U.S. government's perimeter defense, officials say. The current perimeter defense scanner, nicknamed Einstein, was launched in 2004 and is a largely passive monitoring system, Schneider says.

"Simply put, [Einstein] is a flow-management system that lets us know after we've been attacked," adds Neill Sciarrone, special assistant on cybersecurity in the White House.

Einstein protected a small percentage of the access points to the federal government's networks, adds Robert Jamison, undersecretary for national protection and programs at DHS. His agency is currently testing a new version of Einstein that would protect all of the government's networks, he says.