The Department of Commerce is seeking public comments on an interim final rule that seeks to establish controls on the export, transfer or re-export of certain products that can be used in malicious cyber activities.
The rule introduced by the bureau of industry and security intends to establish a License Exception Authorized Cybersecurity Exports that would permit the export of cybersecurity items to most destinations and keep a license requirement for exports to countries of national security concern, the department said Wednesday.
License Exception ACE would require a license for nations subject to a U.S. arms embargo and “impose an end-use restriction in circumstances where the exporter, re-exporter, or transferor knows or has reason to know … that the ‘cybersecurity item’ will be used to affect the confidentiality, integrity or availability of information or information systems, without authorization by the owner, operator or administrator of the information system (including the information and processes within such systems),” the rule reads.
“The Commerce Department’s interim final rule imposing export controls on certain cybersecurity items is an appropriately tailored approach that protects America’s national security against malicious cyber actors while ensuring legitimate cybersecurity activities,” said Commerce Secretary Gina Raimondo.
Public comments are due Dec. 6th. The rule will take effect on Jan. 19th.
ExecutiveBiz, sister site of GovConDaily and part of the Executive Mosaic digital media umbrella, will host a virtual event about securing the supply chain on Oct. 26. Visit ExecutiveBiz.com to sign up for the “Supply Chain Cybersecurity: Revelations and Innovations” event.