This presentation examines cybersecurity enforcement risks via the False Claims Act (FCA), offering practical suggestions to mitigate FCA liability. The session explores certification requirements for defense contractors and subcontractors and discuss how these certifications can give rise to FCA liability for false statements or statements made with reckless disregard for their truth or falsity. The session will also explore recent U.S. Department of Justice (DOJ) settlements related to cybersecurity compliance and offer lessons learned from those cases, together with practical suggestions to minimize FCA liability.