Data Privacy & Cybersecurity » DOJ Using Lawsuits To Incentivize Contractor Cybersecurity

DOJ Using Lawsuits To Incentivize Contractor Cybersecurity

June 26, 2024

DOJ Using Law Suits To Incentivize Contractor Cybersecurity

One of the oldest laws on the books is being used to force corporations to up their cybersecurity game. The False Claims Act was passed in 1863 to go after Civil War contractors who sold the Union Army sick horses, faulty weapons, and spoiled food U.S. Attorneys have been using it against contractors that mislead the government about their contractor cybersecurity defenses.

The Record reports that a cascade of high-profile hacks at major companies has demonstrated that corporations often prioritize profits over cybersecurity. The DOJ’s Civil Cyber-Fraud Initiative is the administration’s strategy for enforcing cybersecurity rules in federal contracts.

“This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust,” said Deputy Attorney General Lisa Monaco.

The initiative is a key part of the White House’s focus on “incentivizing and shaping the market forces” driving companies’ cybersecurity decisions, a senior DOJ cyber official told The Record.

The DOJ has closed several cyber-fraud cases as part of the initiative. Comprehensive Health Services LLC settled allegations that it misrepresented how safely it stored medical records in a system it built for the State Department for $93,000 in 2022. 

In July 2022, Aerojet Rocketdyne Inc. paid $9 million to settle allegations that it misrepresented its compliance with cybersecurity requirements in contracts for propulsion systems for satellites and missiles.

The DOJ is considering whether to join a lawsuit filed by a Penn State University IT executive who says the university, which has contracts with the military, failed to protect sensitive government data.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top