The cybersecurity-industrial complex?
I just came across an interesting video that talks about the possibility of a "cybersecurity-industrial complex" in the US. The claim is essentially that government contractors, many of which are former high-level government officials, are using the fear of cyber-terrorism to get the government to spend money on unnecessary security technologies.
I don't know enough about the government contracting community to have an informed opinion on this, but the government people that I've talked to seem to have the general feeling that the problem that the US government has with information security is that they spend money on the wrong things, not that they just don't spend enough money. But because government spending is fundamentally driven by politics, we'll probably always have that problem.