Photo of David Vance Lucas

David Lucas provides legal strategy for technology and business. He applies legal, technological and operational experience to craft strategic advice on a variety of intellectual property, international trade and complex litigation matters.

Continuing Increase in U.S. Regulation of Foreign Direct Investment

Impacts of Encryption Regulation and Strategic Competition Act on CFIUS

The last two years have seen the passage and expedited implementation of the Foreign Investment Risk Review Modernization Act (FIRRMA) – arguably the largest change in U.S. regulation of foreign investment since the 1975 creation of the Committee on Foreign Investment in the U.S. (CFIUS).

NISPOM Codified as Regulation; JPAS Retiring SoonIf your business holds a U.S. security clearance — or is in the process of applying for one — take note of two big changes at the Defense Counterintelligence and Security Agency (DCSA). First, after more than 25 years, the National Industrial Security Program Operating Manual (NISPOM) is now being codified in the Code of

DoD Has Two New Cybersecurity FrameworksA recent interim rule from the Department of Defense (DoD) would create a new self-assessment methodology for the cybersecurity requirements in NIST SP 800-171. The same rule also would implement the Cybersecurity Maturity Model Certification (CMMC) Framework. The interim rule, which was published on September 29, 2020, will become effective on November 30, 2020.

Cybersecurity Health & Compliance: Best Practices in Commercial Business & Government ContractingLearn how to protect critical data assets through basic cybersecurity hygiene, including email and password security and social media best practices. Other topics to be addressed include insider thread preparedness, cybersecurity and privacy issues in the remote work environment. In addition, government regulations and compliance topics, such as the coming Cybersecurity Maturity Model Certification and

DFARS / CMMC for 2020: Culmination of Efforts to Protect National Security Data and Networks 2020 Cybersecurity Requirements for Government Contractors

In 2016, the U.S. Department of Defense (DoD) issued a Defense Federal Acquisition Regulation Supplement (DFARs) intended to better protect defense data and networks. Beginning in 2017, DoD began issuing a series of memoranda to further enhance protection of defense data and networks via Cybersecurity Maturity Model Certification (CMMC).