The U.S. Department of Justice (DOJ) continues to prioritize cybersecurity enforcement under the False Claims Act (FCA), as highlighted by recent settlements totaling $11.5 million with Illumina Inc. and Aero Turbine Inc. These cases underscore that companies can face FCA liability for misrepresenting cybersecurity compliance—even in the absence of actual breaches. The DOJ’s actions signal heightened scrutiny of software-enabled products sold to federal agencies and emphasize the importance of adhering to standards like ISO and NIST. Notably, private equity owners were also held accountable, reinforcing the need for robust cybersecurity governance across corporate structures.