With revelations that the government has been spying on millions of Americans, many people believe that the government has incredible technological expertise. But according the country’s top cybersecurity expert, the U.S. is still far behind the curve when it comes to online security.

Tony Scott, the nation’s chief information officer, told BuzzFeed News that our country’s online security measures are ten to twenty years behind the times. He described the government’s approach to patching security threats as using “Bubble Wrap” instead of comprehensively fixing problems.

His announcement last week called for modernizing the country’s cybersecurity practices. The plan includes hiring top technology experts, using cutting edge equipment and software, and responding to attacks more rapidly and comprehensively.

Scott’s plan calls for government systems based on cloud computing and ongoing upgrades. He also stressed the need for individual agencies to take a more active role in updating their systems.

The government has faced a series of cyberattacks that exposed vulnerabilities. Earlier this year, the federal Office of Personnel Management was hacked, with twenty-one million private records of employees and contractors stolen by unknown hackers.

In response, new security measures have been adopted. For one, today more than eighty percent of federal government employees now use smart cards to access government networks, up from just forty-two percent before the breach. Scott also instituted other changes, including fixing vulnerable systems, reducing the number of federal employees who have administrative access, and initiating basic security measures such as two-step password protections.

One measure that will not be take is requiring private companies to establish “backdoors” on their encrypted devices that would allow for easier government surveillance. The Obama administration has decided not to pursue such legislation.

Going forward, Scott noted that there will be more oversight on security, including from Congress’ Government Accountability Office and the inspectors general offices. His office will also be measuring the new systems in order to track the progress of the recent changes.