Verizon Business Network Services, a unit of Verizon has agreed to pay $4.1 million to resolve allegations by the U.S. Justice Department that it failed to follow required cybersecurity standards in providing secure internet connections and other external networks to federal agencies.
The settlement resolves allegations that Verizon did not completely satisfy three required cybersecurity controls in contracts from 2017 to 2021. The Justice Department said that such failures “may jeopardize the security of sensitive government information and information systems.”
Verizon said that it “proactively identified and disclosed” the issue to the General Services Administration in 2020 and that it took steps to mitigate the risk. The company also said that the issue did not result in a security or data breach.
The settlement is based on the possible consequences of government contractors failing to follow cybersecurity rules. Such failures, according to Deputy Assistant Attorney General Michael Granston, might jeopardize the security of critical government information and information systems.
The settlement does not make any determination of liability. However, the Justice Department said that it gave Verizon credit for disclosing the issue and cooperating with the investigation.
The sources for this piece include an article in Reuters.