In this compelling episode, we explore the recent whistleblower lawsuit filed by the United States Department of Justice against Georgia Tech and Georgia Tech Research Corporation. This case, which alleges significant cybersecurity breaches, has sent shockwaves through the defense contracting and academic communities.
Key Takeaways:
- Specific Contracts and Violations: We break down the particular contracts involved and the critical cybersecurity lapses, including failure to implement a System Security Plan (SSP) and the use of a false cybersecurity score.
- Egregious Violations: The case highlights the most serious violations—such as operating without anti-virus protection, submitting a fictitious SPRS score, and creating a false SSP based on a non-existent campus IT system.
- Intentional Misconduct: We delve into how Georgia Tech and GTRC knowingly violated federal cybersecurity requirements, particularly in handling Controlled Unclassified Information (CUI). Evidence and Documentation: Explore the evidence presented, including incriminating emails, text messages, and sworn testimonies that reveal a pattern of non-compliance and false claims.
- Impact on the Government: Learn about the damage done to the U.S. government, including millions of dollars paid for services that did not meet contractual obligations due to these cybersecurity failings.
- This episode is a must-watch for anyone involved in government contracting, cybersecurity, or compliance. We provide insights into how these violations were uncovered, the legal implications, and what this means for the future of cybersecurity in federally funded research. 🔔 Don’t forget to subscribe stay updated with our latest episodes on cybersecurity, legal developments, and more! Useful Links: DOJ Filing- https://www.justice.gov/opa/pr/united-states-files-suit-against-georgia-institute-technology-and-georgia-tech-research