United States: national security review The national security review process in the United States – often referred to as the Exon–Florio or CFIUS1 review process, after the relevant authorising statute and enforcement agency, respectively – has existed for decades. It originally focused, at least in practice, on the acquisition by foreign companies of US businesses directly or indirectly supplying the US Department of Defense, but especially after the 9/11 terrorist attacks, the concept of national security – and therefore the types of transactions subject to review under the regime – was broadened by statute and in practice. National security is an ever-evolving concept, and as cybersecurity concerns increase in the wake of suspected state-sponsored or other cyber attacks, CFIUS is focusing more on such concerns. Today, the national security review process can be an important part of many transactions, even though it remains voluntary. Examples of industries in which notifications under the regime have been submitted include computers, network security, cyber systems, energy (development and transport), semiconductors, aerospace, telecommunications, optics, robotics, mining and natural resources, plastics and rubber, automotive, financial services, coatings and adhesives, chemicals and steel.