Contractors That Conceal Data Breach Events Will Be Sued by The US Government

Contractors That Conceal Data Breach Events Will Be Sued by The US Government

According to the new Civil Cyber-Fraud Initiative unveiled today by the US Department of Justice, Government contractors will be held liable in civil court if they don’t notify a breach or fail to satisfy minimum cybersecurity requirements.

The program provides the Department of Justice with the necessary leverage to combat digital threats to sensitive information and key systems posed by federal agency partners.

As per Deputy Attorney General Lisa O. Monaco, this effort empowers the Department of Justice to prosecute federal contractors who remain silent about a breach or fail to meet cybersecurity standards.

The initiative, led by the Commercial Litigation Branch’s Fraud Section, will use the False Claims Act (FCA), which renders anybody who intentionally files false claims to the government accountable.

The Act includes a whistleblower clause that permits private individuals to report and prosecute fraudulent activity. Whistleblowers are protected and receive a large portion of any recovered cash.

The benefits of this effort are intended to vary from strengthening general cybersecurity procedures to increasing the security of information systems in both the corporate and governmental sectors:

  • Expanding the government, public sectors’, and significant industrial partners’ resistance to cybersecurity incursions
  • Supporting government specialists in their efforts to discover, produce, and distribute fixes for vulnerabilities in widely used information technology products and services on time
  • Holding contractors and grantees accountable for protecting government data and infrastructure
  • Ensuring that businesses who obey the regulations and invest in cybersecurity are not at a competitive disadvantage
  • Improving comprehensive cybersecurity procedures for the government, private users, and the general public in the United States
  • Providing compensation to the government and taxpayers for damages suffered when businesses fail to meet their cybersecurity obligations

Anyone can be a target of ransomware. Recently, a U.S. government contractor reported a breach that has cost the company $500,000 to $1 million. The company called it a “learning experience” and shared it with other organizations to raise their awareness.

“It could happen to anyone,” Sandesh Sharda, president of Arlington, Virginia-based Miracle Systems, told CyberScoop. “We keep hearing about all these hacks all the time, whether it’s Baltimore, whether it’s Texas, whether it’s Capital One, commercial or government. This is not going to go away… How we prepare our industry for these kinds of hacks is [what’s] most important.”

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.