In 2022, the Federal Communications Commission (FCC) adopted rules to implement the Secure Equipment Act of 2021. Those rules, which in large part took effect on February 6, 2023, prevent manufacturers on the FCC’s Covered List – companies whose products are deemed to pose a risk by national security agencies – from obtaining the equipment authorizations necessary to sell new or updated products in US markets. Any manufacturer on the list is subject to the ban, but the FCC’s new rules do not apply to information security products, solutions and services, or telecommunications services provided by entities on the Covered List.
Recently, the FCC republished the Covered List as a reminder for all critical infrastructure owners and operators to take necessary steps in securing the nation’s most critical supply chains.
What You Should Do
Review the list supplied by the FCC and incorporate into supply chain risk management efforts. If you have any questions or need assistance in identifying vulnerable or otherwise high-risk devices such as those on FCC’s Covered List, reach out to a member of the BMT team.