Cyber FCA Tracker

On October 6, 2021, the U.S. Department of Justice (DOJ) announced its Civil Cyber-Fraud Initiative, which would combat cyber threats to the security of sensitive information and critical systems, using the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors and grant recipients. DOJ said the initiative would target individuals and entities that receive federal funds and knowingly (1) provide deficient cybersecurity products or services; (2) misrepresent their cybersecurity practices or protocols; or (3) violate obligations to monitor and report cybersecurity incidents and breaches. DOJ also encouraged whistleblowers to come forward with information about companies’ deficient cybersecurity practices.

DOJ and relators have actively been pursuing these cases, and we have seen an uptick in cyber FCA settlements and a smaller number of cyber FCA cases filed, creating risk for companies doing business with the federal government in a variety of industries such as defense contractors, medical device companies, private equity firms, and universities to name a few. In the chart below, Arnold & Porter tracks cybersecurity FCA resolutions, identifies key concepts, and provides links for additional information related to each resolution. Where we have previously blogged about a particular resolution, you will see a link in the “Other Documents” column to the relevant Qui Notes Blog.

Arnold & Porter represents clients across industry sectors in cyber FCA matters and provides advice on cybersecurity compliance matters more generally. Our team includes former high-level government attorneys and experienced FCA practitioners who offer unparalleled insights and extensive experience in investigations, defense, regulatory, and compliance matters. If you have any cyber FCA-related questions or concerns, the contacts below are available to answer questions and provide guidance.

Key Contacts