Swiss Automation Inc., a precision machining company based in Illinois, has agreed to pay $421,234 to settle allegations of cybersecurity negligence related to its contracts with the U.S. Department of Defense (DoD). The settlement resolves claims that the company failed to implement adequate cybersecurity measures, resulting in the submission of false claims concerning parts blueprints supplied to DoD prime contractors.
According to the U.S. Department of Justice, the company was obligated to enhance its cybersecurity protocols in line with National Institute of Standards and Technology Special Publication 800-171 (NIST SP 800-171) guidelines. These standards have been essential for safeguarding sensitive government information since their introduction in 2017. The Justice Department also noted that Swiss Automation was aware of the additional security requirements imposed by the Cybersecurity Maturity Model Certification (CMMC) program, which outlines the security expectations for DoD contractors and suppliers.
In an official statement, Brett A. Shumate, Assistant Attorney General, emphasized the necessity for defense contractors to remain vigilant against evolving cyber threats. “As cyber threats continue to evolve, suppliers to defense contractors must be vigilant and take the steps required to protect sensitive government information from bad actors,” Shumate remarked.
U.S. Attorney Andrew S. Boutros, representing the Northern District of Illinois, stressed the critical nature of cybersecurity for companies handling sensitive data. Jason Sargenski, Special Agent-in-Charge of the Defense Criminal Investigative Service, highlighted the importance of safeguarding national security through robust data protection measures.
The allegations against Swiss Automation surfaced following a whistleblower complaint filed by Jaime Gomez, a former quality-control manager at the company. Gomez initiated the lawsuit under the False Claims Act, which allows private citizens to sue on behalf of the government for fraudulent claims. As part of the settlement, he will receive $65,291 as a reward for his role in exposing the company’s negligence.
The case, titled United States ex rel. Gomez v. Swiss Automation Inc., No. 1:22-cv-4328, involved collaboration between various Justice Department divisions and military branches. Senior Trial Counsel Gregory Pearson and Assistant U.S. Attorney Kathryn Kelly were instrumental in reaching this resolution.
This settlement serves as a reminder to defense contractors about the importance of adhering to cybersecurity standards to protect sensitive information and maintain national security. As the digital landscape continues to evolve, the implications of cybersecurity negligence can have far-reaching effects not only on companies but also on the nation as a whole.
