Stronger foreign cyberattack defenses for cloud services sought

U.S. cloud infrastructure-as-a-service providers would be compelled to verify the identities of foreign users under a new proposed rule by the Department of Commerce's Bureau of Industry and Security in a bid to bolster defenses against foreign cybersecurity threats, according to FedScoop. The proposed rule would also require reports from IaaS providers detailing foreign individuals looking to use their technologies for developing artificial intelligence models amid the Biden administration's efforts to strengthen AI safety and security. "Today's proposed rule gives the Secretary of Commerce the tools she needs to address risks while maintaining the Department's overall approach to national security: to innovate and do business wherever we can, and to protect what we must," said Commerce Department Undersecretary for Industry and Security Alan Estevez. Industry executives have expressed support for the rule, which is open for public comments until the end of April. "We support Know Your Customer (KYC) requirements for providers of AI infrastructure and cybersecurity best practice requirements for providers of Infrastructure-as-a-Service (IaaS) products, and we look forward to opportunities to provide input on how those requirements are further defined and implemented," said Microsoft Corporate Vice President for Government Affairs Fred Humphries.