Nowadays, many people are familiar with at least some types of protected information, whether in the form of personal health information or government-classified information. But, contractors working with the Department of Defense (“DoD”) must remember to protect another type of information: controlled unclassified information (“CUI”). Failure by government contractors to put processes in place that protect CUI could result in the loss of contracting opportunities or potential False Claims Act-related litigation. For more information about the far-reaching implications of cybersecurity requirements on government contractors, please also see Matt Feinberg’s blog on the recent settlement of a cybersecurity False Claims Act (“FCA”) litigation; Isaias “Cy” Alba’s piece about cybersecurity, implied certifications, and the FCA; and Dave Shafer’s analysis of current cybersecurity standards and the DoD’s plans to remedy confusion.
Continue reading at: Piliero Mazza