In an October 21, 2021 interim final rule (“IFR”), the Bureau of Industry and Security (“BIS”) published long-awaited “cybersecurity items” controls in Categories 4 (Computers) and 5, Pt. 1 (Telecommunications) of the Commerce Control List (“CCL”) and followed the IFR up on November 12, 2021 with relevant FAQs.  The IFR will impose new export controls on certain “cybersecurity items” that relate to “intrusion software” or “IP network communications surveillance.” The IFR, originally scheduled to become effective on January 19, 2022, will now become effective on March 7, 2022.  In the January 12, 2022 notice announcing the delay, BIS stated it “may consider some modifications for the final rule” and indicated it would “provide the public with additional guidance.”  Below we describe the IFR as it currently stands.  We will update readers when BIS implements any additional edits to the IFR and/or updates its guidance.