Government contractors should be increasingly vigilant about their cybersecurity practices following two years of the Department of Justice’s (DOJ) Civil-Cyber Fraud Initiative. Following the institution of this initiative, there has been a noticeable rise in both enforcement and regulatory activities concerning cybersecurity.
An example of this heightened activity was evident in September, with the unveiling of a ‘qui tam’ action under the False Claims Act (FCA) against Penn State University. The university allegedly failed to adhere to the Department of Defense’s (DoD) stringent cybersecurity standards, yielding significant implications for entities that contracted with federal agencies.
To learn more about the specific complaints and the broader implications of this case, you can refer to the complete article, as provided by Akin Gump Strauss Hauer & Feld LLP.
Given the demonstrated increase in enforcement actions, it is more important than ever for government contractors to understand and rigorously adhere to all relevant cybersecurity regulations. Failing to do so could be costly in terms of monetary penalties, imposed by enforced actions under the FCA, and severe reputational damage, with a potentially long-term impact on relationships with federal agencies.
An essential first step for contractors is to be thoroughly intimate with the requirements imposed by applicable federal agencies. Once they have a comprehensive understanding of these requirements, they can put systems in place to ensure compliance, thus averting the risk of enforcement actions.