Interim Final Rule on IT Supply Chain Security to Take Effect March 22
Comments are due March 22 in docket 2019-0005 on the Commerce Department’s interim final rule for “securing" the information tech supply chain against threats from foreign adversaries, said Tuesday’s Federal Register. Though the interim rule will take effect the day comments are due, Commerce “continues to welcome public input.” Once it evaluates additional comments, it’s “committed to issuing a final rule,” the agency said. “Some foreign adversaries are known to exploit the sale of software and hardware to introduce vulnerabilities that can allow them to steal critical intellectual property” or data, the department said: "Unrestricted acquisition or use" of IT supply chains that were designed by people “subject to the jurisdiction or direction of a foreign adversary constitutes an unusual and extraordinary threat to the national security.”