BIRMINGHAM — Huntsville-based defense contractor LOGZONE Inc. has agreed to pay $507,144 to resolve allegations that it failed to comply with cybersecurity requirements tied to contracts with the U.S. Department of the Navy, according to the U.S. Attorney’s Office for the Northern District of Alabama.

The settlement resolves claims brought under the False Claims Act alleging that LOGZONE knowingly submitted claims for payment on two Navy contracts while failing to meet required cybersecurity standards designed to protect sensitive defense information.

Federal officials said government contractors that handle sensitive defense-related data are required to implement cybersecurity safeguards established under National Institute of Standards and Technology (NIST) Special Publication 800-171. The standards are intended to protect controlled and sensitive information from cyber threats and unauthorized access.

According to the settlement, LOGZONE allegedly failed to implement certain required cybersecurity controls between May 2021 and March 2025. Officials said the missing controls could have increased the risk of system exploitation or the unauthorized release of sensitive defense information.

The compliance issues were identified during a cybersecurity assessment conducted by the Defense Contract Management Agency. As part of that review, LOGZONE received a score of negative 170 on its implementation of NIST SP 800-171 controls. Federal officials noted that assessment scores can range from negative 203 to 110, with higher scores indicating greater compliance.

Assistant Attorney General Brett A. Shumate of the Justice Department’s Civil Division emphasized the importance of enforcing cybersecurity requirements for government contractors that handle sensitive defense information.

U.S. Attorney Phillip W. Williams Jr. for the Northern District of Alabama said protecting sensitive defense information is critical to national security and that contractors must make compliance with federal cybersecurity requirements a priority.

Navy Vice Admiral Stephen Tedford, Director of the Defense Contract Management Agency, said cybersecurity provisions in federal contracts are essential for safeguarding sensitive information involved in government operations and missions.

The investigation involved a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section, and the U.S. Attorney’s Office for the Northern District of Alabama. Assistance was also provided by the Department of the Navy Office of the General Counsel, Naval Criminal Investigative Service, Department of the Army Criminal Investigation Division, and the Defense Contract Management Agency’s Defense Industrial Base Cybersecurity Assessment Center.

Federal officials noted that the case is part of ongoing efforts to combat fraud, waste and abuse in federal programs and to ensure that contractors receiving government funds comply with contractual and legal obligations.

The case was handled by Fraud Section Trial Attorney Graham D. Welch and Assistant U.S. Attorney Don Long for the Northern District of Alabama.