Unfortunately, our military is organized to favor rigid adherence to procedure and the forceful execution of a plan whether or not it's hopelessly out of date.
Very important when you do all the boring, routine stuff that keeps butter and bullets getting to troops under fire. Even more important on a wide-open battlefield where artillery and planes are blowing up things they can't see directly and all the shooters on your side have to be in places they won't get blown up.
Not so good when the army that's attacking could be a division of Chinese non-coms trained in spear phishing one day and a bunch of script kids with a set of SQL injection tools and a lot of attitude the next.
"Adapt, improvise, overcome," goes the unofficial motto of the Marines. Even they never adapted or improvised quickly or completely enough to respond to the digital threats they and the rest of the U.S. military faces every day.
Imagine running an IT department trying to keep up with the speed of business "in an enterprise with 18 or so layers of management between the top and the most junior employee" the Wall Street Journal posits. "Now imagine...it can take literally decades to buy new equipment and that you can be jailed for having dirty footwear."
I don't see that being a great formula for online invulnerability.
People who live in their moms' basement, live on pizza and don't own shoes that aren't sneakers just aren't afraid of anti-hackers in shiny shoes and military trade-school training in Unix administration.