US companies must tread carefully with cyber exports

The desire of U.S. allies in the Middle East and elsewhere around the globe to obtain cyber tools and expertise from U.S. companies is creating challenges when it comes to export-control rules and other related mattters, reports the Washington Post.

Among the allies actively requesting cyber tools and expertise from U.S. technology companies are Qatar, Saudi Arabia, Kuwait, Oman and the United Arab Emirates, the story said. The issue is a highly delicate matter because the desire of countries to have U.S. personnel running offensive cyber operations for allies might be interpreted as an act of war, the story said.

The U.S. government and private sector are actively trying to find ways for U.S. firms with cyber expertise to remain competitive in the global market, make sure that U.S. allies can defend themselves in cyberspace, and at the same time make sure that skills and technology do not wind up in the hands of adversaries, the story said.

Under State Department export-control rules, U.S. companies must obtain a license to train foreign governments in cyber-capabilities for a national security purpose. The license requests are reviewed by the Pentagon’s Defense Technology Security Administration. In some cases, the National Security Agency also must be involved.

The State Department has declined to say how many licenses have been issued, the story said.