Just a few hours ago I landed in Washington DC’s Reagan National Airport. I was struck by a billboard inside the terminal… it said, cybersecurity is no longer an IT concern, it is a CEO concern. That’s certainly true.
Companies have lost billions of dollars in value overnight when a hacker gets customer information. The $101 million cyberhack of Bangladesh Bank was big news but the hack of Sony Corporation caused its PlayStation network to be shut down for 2 months and cost the company an estimated $170 million and untold reputational damage. Target says the data breach they suffered cost the company $252 million. Only a fraction of that was covered by insurance.
So what can be done? In many instances, the companies suffering these breaches and computer cyber attacks have horrible security. Some companies don’t even have a firewall. As consumers grow irate and hacking occurs daily, the government is ramping up its cyber defense network and requiring private businesses to do the same.
Some of the biggest industries to now have stringent new government cyber security and reporting rules are banking and defense contractors.
Defense Department Cybersecurity Rules
The Department of Defense recently released new rules requiring military contractors and vendors to immediately report any data breaches or hacks. Most of our military hardware, missile guidance systems, planes, ships, tanks and the like come from contractors. We certainly don’t want these systems and the technology behind them to fall into enemy or a terror group’s hands. Yet the security protecting these vital secrets is often nonexistent or rudimentary.
In releasing the new rules, the Defense Department said, “Recent high profile breaches of federal information show the need to ensure that information security protections are clearly, effectively and consistently addressed in contracts. Failure to implement this rule may cause harm to the government through the compromise of covered defense information or other government data, or the loss of operationally critical support capabilities, which could directly impact national security.”
How will the government know if a private contractor was hacked or has inadequate data security? Enter the whistleblower.
If hackers and identity theft are becoming one of the most important law enforcement concerns, whistleblowers are the best first line of cybersecurity defense. Under the federal False Claims Act, they can receive huge cash awards for their inside information about breaches and hacks in the defense sector. They can also be protected from retaliation.
Bank Cybersecurity Rules
Remember how this post began? The loss of $101 million from Bank of Bangladesh?? The New York Federal Reserve Bank was the point of entry for the wire transfer requests that resulted in the huge losses.
The Office of the Comptroller of the Currency, (OCC), Federal Reserve Board, and FDIC have all been busy working on cybersecurity initiatives, Regulators want to protect depositor’s funds and maintain faith in the banking system. They can’t do that if banks don’t beef up their security protocols or promptly report hacking attempts.
Like defense cyber hacking, there are awards available for whistleblowers with inside information about banking computer security violations. The Financial Institutions Reform, Recovery and Enforcement Act (FIRREA) pays awards up to $1.6 million for inside information about events that hurt the financial stability of banks.
If ever there was an ideal moment in history for whistleblowers to come forward, now is that time. The U.S. government is grappling with terrorism, hackers and bank fraud and simply can’t keep up. By coming forward, whistleblowers are the new American heroes and save taxpayers billions of dollars each year. In the case of defense and intelligence agency cybersecurity, they may very well save lives too.
Interested in becoming a whistleblower? We would love to help you stop greed, stop corruption, stop fraud and earn the highest whistleblower awards allowed by law. In the last five years, our whistleblower clients have received over $100 million in awards.
For more information, visit our cybersecurity page or contact attorney Brian Mahany at or by phone at (414) 704-6731. (Please don’t contact us from a work phone, work email address or work computer if you are calling about misconduct involving your employer!) All inquiries are protected by the attorney-client privilege.
MahanyLaw – America’s Whistleblower Lawyers