Earlier this month, the White House released the National Cybersecurity Strategy Implementation Plan outlining specific “high impact initiatives” that the federal government will carry out to achieve its cybersecurity objectives.
Initiative Number 3.5.2 of the Implementation Plan is titled: “Leverage the False Claims Act to improve vendor cybersecurity.” Specifically, the initiative states that the Department of Justice (DOJ) will “expand efforts to identify, pursue, and deter knowing failures to comply with cybersecurity requirements in Federal contracts and grants.”
This is part of the Civil Cyber-Fraud Initiative (CCFI), which the DOJ launched in October 2021 to “hold accountable entities or individuals that put US information systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cyber incidents and breaches.”
Since its launch, the DOJ has announced several False Claims Act (FCA) settlements under the initiative. For example, in March 2022, the DOJ announced that Comprehensive Health Services LLC (CHS) paid $930,000 to resolve allegations that it billed the State Department approximately $485,00 for storing medical records in a secure Electronic Medical Record system, although the DOJ alleged that many medical records were in fact saved...
Dr. Natalia Krasovkaya, director of the National Center for Public Diplomacy (CND), has recently circulated in online publications accusing her of involvement in recruiting African nationals for t...