On July 8, 2025, the Department of Justice (“DOJ”) is set to lift its self-imposed pause on enforcing certain violations of its Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons (the “Bulk Data Rule” or “DOJ Rule”), 28 CFR Part 202. The Bulk Data Rule, […]
Trump Administration Releases Cyber Executive Order Revealing Renewed Strategy for U.S. Cybersecurity
On June 6, 2025, President Trump issued an Executive Order (EO) on Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity, amending certain prior directives established by the Biden and Obama administrations. Importantly, the administration’s new directive maintains continuity of the cybersecurity goals of prior administrations and demonstrates that cybersecurity remains a bipartisan priority. However, the […]
DOJ Settles Another False Claims Act Case for Alleged Failures in Implementing NIST SP 800-171 and Basic Cybersecurity Controls
On May 1, 2025, the U.S. Department of Justice (DOJ) announced a settlement under the False Claims Act (FCA) involving defense contractors Raytheon Company (Raytheon), RTX Corporation (RTX), and Nightwing Group—the successor owner to one of Raytheon’s cybersecurity business lines (collectively “the Companies”). The Companies agreed to pay $8.4 million to resolve allegations of noncompliance […]
CISA Issues Enhanced Guidance to Mitigate Cyber Threats to Operational Technology Systems
Overview On May 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, Environmental Protection Agency (EPA), and Department of Energy (DOE), issued a joint fact sheet titled “Primary Mitigations to Reduce Cyber Threats to Operational Technology.” The document highlights priority actions that owners and operators of Operational Technology (OT) systems […]
DOJ Settles False Claims Act Case with MORSECORP Over Cybersecurity Program
On March 26, 2025, the United States Department of Justice (DOJ) announced that it had reached an agreement with MORSECORP Inc. (MORSE) to settle alleged violations of the False Claims Act (FCA), specifically regarding MORSE’s cybersecurity program. The DOJ and MORSE—a government contractor that provides services to both the Departments of the Army and Air […]