One of the most important and continuing developments in government contracting over the last several years centers around cybersecurity. The Department of Defense’s CMMC program, and its recent iterations and rollouts, the Cybersecurity & Infrastructure Security Agency and its growth, and the Department of Justice’s Civil Cyber-Fraud Initiative are examples of the federal government’s sweeping (and swift) initiative to address and combat cyber-attacks by way of its supply chain. As a result, contractors and their subcontractors are not only facing increased compliance requirements – that for the most part do not delineate between small and large concerns in terms of applicability – they are also dealing with a customer who is serious about scrutiny, enforcement, and legal ramifications.
The Aerojet Rocketdyne Settlement
Although the cyber compliance regulations are relatively new and place a significant implementation burden on companies, the government is making it clear that noncompliance is not an option. Most notably, the Department of Justice’s Civil Cyber-Fraud Initiative’s use of the False Claims Act resulted in a settlement recently against Aerojet Rocketdyne. The contractor agreed to pay $9 million dollars to resolve claims that it violated the Act by misrepresenting its conformance with cybersecurity obligations. The whistleblower was a former employee who alleged Aerojet made false statements about the company’s noncompliance with the applicable DFARS and...
The author and behavioural scientist, Gad Saad, has just published a book on what he calls “suicidal empathy”. He says that “a society dies when it cares more about exhibiting infinite tolerance a...