Congress' investigative arm found that FDA has a significant number of security control weaknesses, which include not encrypting data nor conducting physical security reviews. The agency says its ability to address weaknesses is hampered, in part, by a lack of resources. The Government Accountability Office's findings were consistent with a House committee's investigation from over a year ago that found several vulnerabilities in FDA's cybersecurity. “[A] significant number of weaknesses remain in technical controls -- including access controls, change controls...