He said foreign nations, terrorists, criminal groups and political activists were behind many of the attacks.
"These agencies and organizations have experienced a wide range of incidents involving data loss or theft, computer intrusions and privacy breaches, underscoring the need for improved security practices computer intrusions, and privacy breaches," Wilshusen testified at a hearing of the House Homeland Security Committee's subcommittee on Oversight, Investigations and Management.
He said securing critical infrastructure systems, such as electrical grids or chemical plants, should be a "national priority."
"Specifically, significant weaknesses in information security controls continue to threaten the confidentiality, integrity and availability of critical information and information systems supporting the operations, assets, and personnel of federal government agencies," he said.
The House is set to vote on several cybersecurity bills this week.
The most prominent bill is the Cyber Intelligence Sharing and Protection Act (CISPA). The measure, sponsored by Reps. Mike Rogers (R-Mich.) and Dutch Ruppersberger (D-Md.), would tear down legal barriers that discourage companies from sharing data about cyberattacks.
Unlike Senate legislation, CISPA does not include security standards for critical infrastructure systems.
The House is also expected to vote on Rep. Darrell Issa's (R-Calif.) amendments to the Federal Information Security Management Act, which would provide for stronger oversight of the security of federal computer systems.