Aerojet Offers Insight into the Financial and Legal Risks of Cybersecurity in DFARS
On April 26, Aerojet Rocketdyne settled the first-of-its-kind cybersecurity-focused False Claims Act (FCA) case for $9 million dollars, in addition to other undisclosed payments. As we mentioned in a previous Cybersecurity Law Snapshot, United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc. involved the cybersecurity requirements outlined in the Defense Federal Acquisition Regulations Supplement (DFARS). Aerojet stood accused of misrepresenting its compliance with the DFARS § 252.204-7012 cybersecurity requirements through allegedly false claims and insufficiently partial disclosure of compliance shortfalls. This case was the first instance in which a court found that a failure to comply with cybersecurity regulations could serve as the basis for an FCA suit.
While the settlement cut short a full-fledged holding on this particular case, the Department of Justice (DOJ) has already hinted that this will be the first in a new string of FCA crackdowns. Accordingly, there are a few critical takeaways, particularly from the DOJ’s statement of interest, that clients involved in government contracts should remain mindful of:
· Non-compliance with the cybersecurity requirements can be considered a material cause for the government to enter into a contract;
SPRINGFIELD – The Illinois Education Association (IEA) is working to pass Senate Bill 2914 this session, a bill that would put an end to a long-time practice of school administrators keeping accus...