Matthew LaGarde writes:
The US Department of Defense’s implementation of a new cybersecurity framework, the Cybersecurity Maturity Model Certification 2.0 or CMMC, will require more than 300,000 military contracting companies to improve their cybersecurity protections.
These safeguards are critically important, but it appears that more than half of military contractors are unprepared to meet these new requirements when phase 1 begins on Nov. 10.
Over the past several years, we have seen that cybersecurity whistleblowers at defense contractors are increasingly willing to come forward. Major companies, including Raytheon and Aerojet Rocketdyne, have already paid millions of dollars to the US Department of Justice to resolve cybersecurity fraud claims brought by whistleblowers under the federal False Claims Act. In general, whistleblowers bring such claims because their employer ignores or retaliates against them when they raise concerns internally.
Read more at Bloomberg Law.