Industry news outlets have buzzed this week with the story that the Department of Justice is pursuing a False Claims Act case against Georgia Tech for alleged cyber fraud.  This suit is apparently not tied to Tech’s upset victory over Florida State but is rather something that all contractors should follow.  Government contract lawyers say that DOJ’s intervention in the previously filed whistle blower case could serve as a warning to contractors about the risks of ignoring federal cybersecurity requirements.  The complaint alleges that Georgia Tech’s Astrolavos Lab neglected to implement several cybersecurity controls required as part of its contracts with the Defense Department.  In addition, it is alleged that the university provided a false or misleading compliance score to the government indicating that a self-assessment found that they were largely compliant with DOD’s cyber requirements.  Georgia Tech’s response, though, states that “This case has nothing to do with confidential information or protected government secrets.”  They further point out that the government published the final report on the university’s work.  While all the facts are not yet public, Tech may be on shaky ground if their defense is essentially, “it didn’t matter if we didn’t take certain steps so long as nothing bad happened and the end user was happy.”  That is not a defense that is likely to be successful.  The growth of cybersecurity related contract requirements has been exponential over the past several years, making it difficult for companies to track all of the potential requirements they could face.  As with any other contract requirement, however, contractors are expected to know what they’re signing up for and take steps to comply.  Watch the outcome of this case.