While the Executive Order primarily focuses on concrete steps the federal government must take to adopt cybersecurity best practices, there are several provisions that will also significantly impact government contractors, subcontractors and other private sector entities.
The Department of Justice (DOJ) recently announced an $11.3 million settlement of False Claims Act allegations against a Department of Defense (DOD) contractor that allegedly falsely certified compliance with DOD cybersecurity contract requirements.
A bill establishing a new vulnerability disclosure program for federal contractors has passed the House, and will now move on to the Senate to be reviewed by the Committee on Homeland Security and Governmental Affairs.