Georgia Institute of Technology, also known as Georgia Tech, and its affiliate Georgia Tech Research Corporation have been taken to court by the U.S. over their alleged failure to ensure unclassified information protections under the Department of Defense's cybersecurity standards for government contractors, according to The Register.
Included in the lawsuit were claims that Georgia Tech's Astrolavos Lab, which was tasked to focus on national security-impacting cybersecurity issues, did not create and adopt a Defense Department-compliant cybersecurity plan from May 2019 to February 2020, with later implementation marred by inadequate scoping. Aside from Astrolavos Lab allegedly failing to ensure anti-malware system adoption across its network and devices from May 2019 to December 2021, both Georgia Tech and GTRC were also alleged to have provided a misleading cybersecurity assessment score in December 2020.
"Deficiencies in cybersecurity controls pose a significant threat not only to our national security, but also to the safety of the men and women of our armed services that risk their lives daily. As force multipliers, we place a substantial amount of trust in our contractors and expect them to meet the strict standards our service members deserve," said Darrin Jones, special agent-in-charge at the DoD Office of the Inspector General Defense Criminal Investigative Service Southeast Field Office.