Robert Metzger Speaker: DoJ’s “Cyber Civil Fraud” Campaign: What Does It Mean to You
On February 18, Robert Metzger, RJO shareholder, will speak to members of WashingtonExec on “DoJ’s “Cyber Civil Fraud” Campaign: What Does It Mean to You.”
The federal government is determined to improve cyber security of agencies and departments. That’s clear from EO 14028 and from the Jan. 19 order extending the EO to National Security Systems. What the federal government wants is beyond anything in current rules or regulations. And, where cyber regulations are in place – like CMMC – they don’t get very far in meeting the ambitions of the EO or in dealing today’s very dangerous threat landscape. If anything, CMMC may be an object lesson that government attempts to compel cyber security is likely to follow a tortuous path to unsatisfactory results.
And yet – there is painful public evidence that any enterprise that works with the government is exposed to devastating consequences should they be the victim of a successful cyberattack. The degrading geopolitical situation (e.g., Ukraine) only emphasizes the risk. As bad things happen, government decision-makers will use every means at their disposal to improve protection of the industrial base against cybercrime –as well as cyberwarfare.
The government’s toolkit includes enforcement, and this is where the DoJ initiative fits in. It’s not easy to win a “civil cyber fraud case,” but it is very expensive and disruptive to defend one, and if false claims are proven, the liabilities can be enormous. DoJ wants companies to invest more into cyber and to elevate cyber assurance as a top executive priority. The threat of whistleblowers or government False Claim Act suits can be a powerful force motivating a broad swath of government contractors. DoJ wants to use its FCA program to change the calculus of governance, risk and compliance – and shape corporate behavior.
This session will emphasize what to expect from the DoJ initiative, where DoJ might find grounds to pursue False Claims Act allegations, and how prudent contractors can mitigate such risks and respond to investigation, if it comes to that. The objective is to identify compliance strategies and operational processes to limit civil cyber fraud exposure.