The Department of Justice last Friday said that aerospace and defense contractor Aerojet Rocketdyne [AJRD] has agreed to pay $9 million in penalties to resolve allegations that the company misrepresented its compliance with federal contracting requirements related to cybersecurity.

The settlement resolves a whistleblower complaint filed by a former company employee, Brian Markus, who will receive $2.6 million of the payment.

The Justice Department last fall initiated a civil cyber-fraud initiative to protect U.S. information networks by holding accountable organizations and individuals that put them at risk “by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches,” the department said.

“Whistleblowers with inside information and technical expertise can provide crucial assistance in identifying knowing cybersecurity failures and misconduct,” Brian Boynton, principal deputy assistant attorney general and head of the department’s Civil Division, said in a statement.

The settlement, which does not include a determination of liability, follows a nasty proxy battle between Aerojet Rocketdyne CEO Eileen Drake and the company’s then executive chairman, Warren Lichtenstein. Drake and her faction won the battle to elect her slate of eight board members, knocking Lichtenstein and his allies off the board.