Former Joint Chiefs Chairman Calls NSA Leak A 'Huge Breach'


A former Chairman of the Joint Chiefs of Staff warned information security professionals that the leak of sensitive documents relating to NSA activities could result in greater, not less, restrictions on both individual liberties and the Internet and said the whistleblower, Edward Snowden, violated his oath of service to the country.

Responding to a question from a reporter following his keynote address at the 2013 Gartner Security and Risk Management Summit, retired United States Navy Admiral Mike Mullen said leaking the Prism documents and exposing the NSA's surveillance activities has done damage. He said the incident could spur regulators to take action, but said taking action in the midst of a crisis situation rarely results in positive outcome. "From my perspective, it was a huge breach and it needs to be dealt with accordingly," Mullen said.

Snowden was a government contractor and former CIA employee, who reportedly worked as a cybersecurity professional before disclosing details of the classified NSA spy program to the press. The documents assert that the government collected phone call metadata from Verizon and other telecommunications providers and tapped into data available through Apple, Facebook, Google and other firms as part of antiterrorism surveillance activities.

[Related: CIA Investment Arm Has Its Sights -- And Money -- Set On Security Startups]

Mullen said the incident will increase the level of debate about personal privacy and the Internet "in a much broader fashion than it had ever been before." Civil liberties need to be balanced with the need to protect citizens from dangers, he said.

"We have to be mindful of the security that we care about to protect ourselves as we are having this debate," Mullen said. "Some people on the extremes of both parties are getting together in ways that I haven't anticipated given this particular crisis. It makes me wonder if that is how to start solving problems, by getting into a crisis to get people from both sides together, but I'm not sure if that's a way to run a railroad."

Mullen, who accepted a position on the Sprint board of directors, was asked to comment about the company's proposed merger with SoftBank, which is under regulatory review. Naysayers to the merger cite SoftBank's close ties to the Chinese government. The rising concern has led U.S. government officials to issue restrictions on some firms. The government banned the use of Huawei, ZTE and other China-based telecommunications equipment providers on the grounds that the equipment could contain surveillance capabilities.

The most important relationship in the world is U.S. and China, Mullen said, adding that he is "barely aboard the [Sprint] ship much less knowing where it's going."

"I feel strongly that we need to protect our technology," Mullen said. "I broadly know that Sprint is one company that works with our government," he said.

Mullen's message to the several thousand in attendance at his keynote at the Tuesday event was to hold themselves and their leaders accountable for their actions. He urged those in attendance to work with legislators to get appropriate information-sharing laws passed in Congress.

"Without accountable leaders in positions of authority and responsibility, we are not going to make much progress," he said on cybersecurity and critical infrastructure protection. "We are long past the time where the CEO or the leader can call up their best technical expert and say 'Please fix this, and get my system online so I can move forward.' Leaders need to understand the best course to take in terms of investment."

PUBLISHED JUNE 11, 2013