The Department of Justice is launching a new "civil cyber fraud initiative" that will seek fines from companies that don't properly disclose data breaches, Deputy Attorney General Lisa Monaco said Wednesday. "For too long, companies have chosen silence, under the mistaken belief that it's less risky to hide a breach than to bring it forward and to report it," Monaco said during a conversation at the Aspen Cyber Summit. "Well, that changes today."
Monaco said going forward, the DOJ will use its "civil enforcement tools" to go after companies that are government contractors or receive federal funding when they fail "to follow required cybersecurity standards."
"We know that puts all of us at risk, and will protect whistleblowers who bring those violations and those failures forward," she said. The DOJ will use its authorities under the False Claims Act to extract "very hefty fines" from companies that who "misuse government dollars or who engage in engaged in abuse," she added.
During the conversation, Monaco also announced the launch of a national cryptocurrency enforcement team, which will aim to root out criminal networks that hide behind cryptocurrency platforms. "We want to strengthen our capacity to dismantle the financial ecosystem that enables these criminal actors to flourish, quite frankly, and to profit from what they're doing," Monaco said.