DHS chief says cybersecurity is a civilian problem, not a war

Homeland Security Secretary Janet Napolitano on Thursday asserted cybersecurity is a civilian domain, not a military battlefield or private sector jurisdiction, as some critics of federal cyber policy have argued.

"Some categorize the challenge as one for the market, or a looming war," she said at a forum hosted by Nextgov's parent company, Atlantic Media. "In my view, cyberspace is fundamentally a civilian space, and government has a role to help protect it, in partnership with the private sector and across the globe ... both the market and the battlefield analogies are the wrong ones to use."

New cyber threats, such as intrusive monitoring of Internet users and the Stuxnet worm, which can cripple computer operating power grids, have prompted calls for the U.S. military to design a cyber defense plan and for industry to give consumers "do not track" options on Web browsers. But DHS, by mandate, must be involved in securing the critical infrastructure of the country, which includes the information technology networks underpinning every aspect of modern life, Napolitano said.

"It is our goal to build one of the very best teams that we can to tackle the cybersecurity challenge," she added. "No single industry or agency quite frankly can manage it."

Napolitano acknowledged DHS must coordinate with companies and the Defense Department to protect cyberspace, and said the agency is doing so. This fall, she and Defense Secretary Robert Gates signed an agreement to align cyber forces across their departments by sharing personnel and tools. DHS officials now are stationed at Defense's National Security Agency, including legal counsel and privacy officers, to ensure citizens' rights are not violated.

In addition, Homeland Security has worked with chemical plants and industrial control centers, which operate electrical and water utilities, to institute safeguards.

Napolitano called for "a more transparent and inclusive cybersecurity policymaking process ... that brings the best minds together at the table to make the best choices." She also said there is a need for additional academic research on information security, as well as more responsibility on the part of Internet users to protect their devices.

"Cybersecurity isn't about government control," Napolitano said. "It is about partnerships, but partnership needs to have some effectiveness. There needs to be meat on the bone when we say partnership."

Full video of the event: