Companies that sell equipment and services to the U.S.military will be forced to disclose business ties that allow foreign governments to access their sensitive data, such as software source code, under the Senate version of an annual defense bill.

Both Russia and China have required companies to submit to source code reviews in order to win certain government contracts.

The provision, added by Sen. Jeanne Shaheen, D-N.H., comes amid heightened concern about how U.S. cyber adversaries might use private companies as spying tools.

The Senate version of the 2019 National Defense Authorization Act explicitly bars the Chinese telecoms Huawei and ZTE from Defense Department networks while the House draft banned the companies from all federal networks. Intelligence officials and lawmakers have long fretted the companies were tied too closely to the Chinese government.

Last year’s NDAA included a governmentwide ban of the Russian anti-virus provider Kaspersky Lab.

It’s not clear yet if other major tech and cyber provisions of the House bill made it into the Senate draft. Those provisions included transferring day-to-day management of the Defense Department information networks from the Defense Information Systems Agency to U.S. Cyber Command.

Read More...