Napolitano: Military to aid civilian cybersecurity

COLORADO SPRINGS, Colo. (AP) - The Defense Department's supersecret National Security Agency can be used "appropriately" on civilian cybersecurity matters, Homeland Security Secretary Janet Napolitano said Thursday.

Napolitano said the an agreement between the military and Homeland Security, announced this month, takes privacy and civil liberties into account.

"We're not going to have two NSAs, we're going to have one NSA that can appropriately be used for defense purposes but also appropriately used for civilian purposes," Napolitano told National Symposium on Homeland Security and Defense.

"That means that we have to, on the civilian side, be particularly cognizant of privacy issues, of civil liberties issues, and we have built that into the memorandum" laying out the arrangement, she said.

The agreement allows Homeland Security to tap into NSA expertise on cybersecurity issues. Napolitano said her department and the military are responsible for 95 to 99 percent of the federal jurisdiction for cybersecurity, so a partnership was logical and necessary to make the most of both departments' resources and expertise.

"I think (the agreement) will be looked back on as really the foundational agreement for how the United States as a country deals with cybersecurity," she said.

Napolitano didn't elaborate on what the NSA's role in civilian cybersecurity would be, and she left without taking questions.

Privacy groups have said the agreement requires safeguards to defend citizens' rights.

"There is a great need to insure that the NSA's tools for surveillance are not directed at the American public," Marc Rotenberg, executive director of the Electronic Privacy Information Center, said when the agreement was announced. He didn't immediately return a call after business hours Thursday.

Later Thursday, Napolitano said at a Denver speech that recent homegrown terror plots mean the public and law enforcement will be often in the "front lines" in the counterrorism battle.

"The threat landscape that we see today is one where increasingly, a local policeman or a member of the public may be in the best position to first notice something that could point to a terrorist attack being plotted or planned," she said.

Napolitano was speaking to Denver's Counterterrorism Education Learning Lab, a nonprofit group whose stated goal is to educate the public about the threat of terrorist attacks.

"Homeland Security begins with 'hometown security,"' she said. "We don't produce homeland security from Washington D.C., we produce it from the entire nation and what Washington D.C. needs to do is to educate, to empower, to share information and to push resources out to the country as a whole," she said.

In Colorado Springs, DHS' assistant secretary for cybersecurity and communications, Rear Adm. Michael Brown, said at the symposium Wednesday that the partnership between the DOD and DHS won't infringe on civil rights or expand the military's role.

"The agreement does not give the military authority to operate inside the U.S. in the event of a cyber attack," he said. "What it does do is formalize the process by which DOD and DHS will work together to protect the nation's cybernetworks and increases the clarity of focus of our respective roles and responsibilities."

The military has a legal obligation to protect citizens' privacy and civil liberties, said Air Force Maj. Gen. David Senty, chief of staff at U.S. Cyber Command, the Defense Department command responsible for military actions in cyberspace.

"We do not see Cyber Command and NSA as a balance between liberty and security. We work to protect both," Senty told the symposium Thursday.

He said talk of "cyberwar" has been exaggerated but critical networks are being "contested." He said the threat of a deliberate or accidental disaster is formidable, and it could create havoc on financial, utility and transportation computer networks.

Dozens of people were killed in Siberia in 2009 and a hydroelectric turbine was destroyed because remote operators typed in the wrong computer commands, Sentry said.

---

Associated Press Writer Ivan Moreno contributed to this report from Denver.