In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit against Penn State University relating to allegations of non-compliance with Department of Defense (“DoD”) cybersecurity obligations. Separately, on September 5, 2023, the Department of Justice (“DOJ”) announced a multi-million dollar FCA settlement with Verizon under its Civil-Cyber Fraud Initiative (which focuses on leveraging the FCA to pursue cybersecurity related fraud by government contractors and grant recipients, as we previously discussed here). These and other cases suggest—as many had been speculating—that the number of enforcement actions and publicity associated with previously-sealed qui tam cases will continue to increase. They also signal that contractors and universities should brace for additional scrutiny and potential whistleblower claims in this area.Continue Reading Recent Cyber-Related False Claims Act Activity Signals Contractors and Universities Should Examine Their Cybersecurity Practices and Brace for an Uptick in Enforcement
Townsend Bourne
Townsend Bourne is a partner in the Governmental Practice in the firm's Washington, D.C. office. She also is Leader of the firm’s Government Business Group.
Cybersecurity Incident Response
In the first installment of our cybersecurity series, we discussed the importance of developing and implementing practical Information Security policies and procedures within your organization as well as the ethical and legal obligations you have to protect sensitive data within the organization.Continue Reading Cybersecurity Incident Response
Ethics & Compliance: Let’s Talk About Cybersecurity
Over the past few months, the OIG shorts series focused on structuring and implementing a comprehensive and effective ethics and compliance program. Many times, this requires a mindset shift from a checking-the-box mentality to a wholistic approach in which everyone feels they have an important role to play. Nowhere is this more apropos than in the area of cybersecurity including developing a data security strategy and maintaining an effective incident response plan.Continue Reading Ethics & Compliance: Let’s Talk About Cybersecurity