Well this explains the terrible security.....
I don't think it takes a genius to work out why paying staff significantly less than the market rate is a terrible idea when hiring someone for a leading position in your cyber security organisation.
First of all it makes it easy for foreign adversaries to get a foot in the door.
Second, even if you employ someone who isn't working for a foreign state it is going to be far too tempting to the person you employ to sell sensitive data to the criminal underworld because of the value of that data compared to the wages being paid by the government.
If you want the job done right then you have to be willing to pay for it.
I eagerly await the next massive UK cyber security breach, it'll give me a good chuckle for a few minutes knowing how incompetent they are not just at the task of digital security but also just hiring a suitable person to fulfil that task.
I feel sorry for those living in the United Kingdom, they're being protected by paper hat's and cardboard shields against a whole range of adversaries equipped with flamethrowers & petrol bombs.
If you live in the UK it may be worth contacting your local government representative and asking them to raise this as a SERIOUS issue before it's too late and they employ a weazel or a complete & utter idiot.