On January 29, 2024, the U.S. Department of Commerce’s (DOC) Bureau of Industry and Security (BIS) issued a proposed rule seeking to secure U.S. Infrastructure as a Service (IaaS) products against foreign parties seeking to use such products to engage in malicious cyber-enabled activity. Specifically, the proposed rule would impose certain due diligence and reporting requirements on U.S. IaaS providers and their foreign resellers.