#cybersecurity-compliance

#cybersecurity-compliance

Investigations into alleged violations of cybersecurity requirements under the federal civil False Claims Act (FCA) and its state analogues are increasingly an area of focus for the U.S. Department of Justice (DOJ), state attorneys general and whistleblowers (known as qui tam plaintiffs or relators under the FCA). We expect a continued uptick in enforcement activity, leading to elevated risk and additional potential financial exposure for companies subject to government cybersecurity requirements.

It's about to get a lot harder for private companies that are lax on cybersecurity to get a contract with the Pentagon, as the Defense Department has finalized a rule requiring contractor compliance with its Cybersecurity Maturity Model Certification (CMMC) program. The final rule, which was released as a preview ahead of its formal publication in the Federal Register on Wednesday, will go into effect on November 9.

ENISA found a need to align requirements across borders in each NIS sector, emphasizing that collaboration must be strengthened through community building events and cooperation.