Photo of David Vance Lucas

David Lucas provides legal strategy for technology and business. He applies legal, technological and operational experience to craft strategic advice on a variety of intellectual property, international trade and complex litigation matters.

DoD Has Two New Cybersecurity FrameworksA recent interim rule from the Department of Defense (DoD) would create a new self-assessment methodology for the cybersecurity requirements in NIST SP 800-171. The same rule also would implement the Cybersecurity Maturity Model Certification (CMMC) Framework. The interim rule, which was published on September 29, 2020, will become effective on November 30, 2020.

Cybersecurity Health & Compliance: Best Practices in Commercial Business & Government ContractingLearn how to protect critical data assets through basic cybersecurity hygiene, including email and password security and social media best practices. Other topics to be addressed include insider thread preparedness, cybersecurity and privacy issues in the remote work environment. In addition, government regulations and compliance topics, such as the coming Cybersecurity Maturity Model Certification and

DFARS / CMMC for 2020: Culmination of Efforts to Protect National Security Data and Networks 2020 Cybersecurity Requirements for Government Contractors

In 2016, the U.S. Department of Defense (DoD) issued a Defense Federal Acquisition Regulation Supplement (DFARs) intended to better protect defense data and networks. Beginning in 2017, DoD began issuing a series of memoranda to further enhance protection of defense data and networks via Cybersecurity Maturity Model Certification (CMMC).