DOJ to Federal Contractors: Abide by Standards or Face Hefty Fines
The DOJ announced a new civil cyber-fraud initiative aimed at fighting cyber threats and holding government contractors accountable to their commitments to protect information.Request A CMMC Readiness Assessment
On October 6, Deputy Attorney General Lisa O. Monaco announced a new civil cyber-fraud initiative aimed at fighting cyber threats and holding government contractors accountable to their commitments to protect information.
The new initiative will use the False Claims Act to act on cybersecurity related fraud by contractors failing to meet their obligations. According to the act, it is a “false claim” to make a statement material to a contract claim for payment that is known to be false, or in reckless disregard of the truth, or in deliberate ignorance of the truth.
When applied to the new initiative, these false claims can include:
The government often uses the False Claims Act to rectify fraudulent claims for federal funds and property involving government programs and operations. The act includes whistleblower protections, which in this specific application would allow private citizens to help identify and pursue fraudulent conduct and violations of the cybersecurity standards set by the Department of Justice.
To enforce this new initiative, firms that fail to abide by the cybersecurity standards set may face hefty penalties. Those penalty fines, combined with the potential loss of government contracts, could create substantial risks to business’ revenue streams. The fines can range from a $11.5K to $22.25K penalty per misstatement, plus three times the amount of damages the government suffers. There also can be criminal risk for knowing and willful failures.
As DOD contractors ourselves, SSE can advise you on how to prepare your business to meet cybersecurity regulations. SSE has managed classified data and controlled unclassified information through evolving regulations for more than 12 years, and we have been certified by the CMMC Accreditation Body as a Registered Provider Organization (RPO).
Adhering to required cybersecurity standards can make or break your business. Contact us today for an initial NIST consultation.