A 2015 GAO report found a majority of 24 federal agencies the office examined had persistent cybersecurity weaknesses, which ranged from broad access controls to poor contingency planning. In another report published earlier this month, the GAO found that agencies have ignored 1,000 out of 2,500 recommendations to improve the security of federal systems.