On October 6, 2021, the DOJ announced the launch of the Civil Cyber-Fraud Initiative to combat the growing threat of cyberattacks. The Civil Cyber-Fraud Initiative’s goal is to prosecute and hold accountable businesses that put agencies at risk by knowingly providing deficient cybersecurity products or services, lying about their cybersecurity policies and procedures, or not following their legal obligations to monitor and report cybersecurity events.

Companies that do business with the federal government are required to comply with federal cybersecurity regulations. This helps to ensure that government information and systems are protected from malicious cyber-attacks. When contractors do not follow cybersecurity regulations, they lose their eligibility to obtain government contracts. But some companies knowingly choose not to follow cybersecurity compliance regulations and lie or mislead in order to keep or obtain a contract.

Whistleblowers and the False Claims Act

The DOJ and the Civil Cyber-Fraud Initiative will rely on the False Claims Act to identify and pursue individuals and companies that are not in compliance with cybersecurity regulations. The False Claims Act allows whistleblowers to file a lawsuit on behalf of the federal government.

When a whistleblower has inside information about cybersecurity compliance fraud, they can bring a case to stop the fraud and recover taxpayer funds lost because of the fraud. Whistleblowers are expected to play a crucial role in reporting cybersecurity misconduct.

Common Types of Cybersecurity Compliance Fraud

To do business with the federal government, companies must follow certain cybersecurity policies and standards. When these contractors knowingly disregard these rules, they are likely committing cybersecurity compliance fraud. Most commonly, contractors knowingly fail to abide by the cybersecurity requirements set forth in their contract with the government. Or they misrepresent their compliance with cybersecurity requirements. Companies are also in violation if they are aware of a suspected cybersecurity breach and fail to report it in a timely manner to the government.

According to Deputy Attorney General Lisa O. Monaco, “For too long, companies have chosen silence under the mistaken belief that it is less risky to hide a breach than to bring it forward and to report it… [DOJ] will use our civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk. This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust.”

Contact Us

Do you have information about a government contractor not complying with federal government cybersecurity regulations? Whistleblowers who have inside information about cybersecurity compliance fraud can receive a monetary award for reporting cybersecurity compliance fraud.

With more than 30 years of experience, the attorneys on Baron & Budd’s whistleblower representation team have represented dozens of clients in government fraud cases returning over $5.4 billion to federal and state agencies, with whistleblower recovery shares as high as 49%. They are ready to help if you feel you have the evidence needed to file a whistleblower complaint.

Please call (866) 845-2164 or complete our contact form if you would like more information. For more information, see What You Need to Know About Becoming a Whistleblower. Please understand that contacting us does not mean that you have established an attorney-client relationship with Baron & Budd, P.C.