Not even DHS defends itself adequately. Let's hope they don't start dishing out site security advice any time soon.
Run this query through Google to see if they've fixed the breach yet:
"<script src=http://www.nihaorr1.com" site:.gov
Apparently the widespread SQL injection attacks against IIS-based systems has taken DHS Small Business Innovation Research as a victim - or at least that was the case as of Friday, April 25.
The UK government isn't doing any better. In fact they're far worse off. Run this query through Google, which as of Friday listed about 2,750 infected pages:
"<script src=http://www.nihaorr1.com" site:.gov.uk