In 2019, two cases brought against Defense Industrial Base (DIB) vendors under the False Claims Act (FCA), changed the landscape for litigation risk of cybersecurity negligence. This session will cover Insider Threat program initiatives, how the huge rewards being paid to whistleblowers played into these scenarios, and the potential impact to the Cybersecurity Maturity Model Certification (CMMC) ecosystem.