He said a shift to so-called "cloud" or "thin client" computing could boost security and reduce the number of systems administrators needing with broad access. Deeper background checks and greater oversight also could be imposed, he said.
Mr Snowden was a systems administrator working for Booz Allen Hamilton in Hawaii on an NSA contract when he disclosed details of secret US surveillance programs.
"I think systems administrators is the right place to begin to clean this up ... because they have such ubiquitous access, and that's how he ended up doing what he did," General Dempsey said.
He said the US government was close to completing an update of its rules of engagement for dealing with a cyber attack, describing them as a "playbook" that outlines the roles and responsibilities of the different agencies involved.
He cautioned against assuming a cyber attack that caused significant damage would automatically be met with a cyber response of similar scope and destructiveness.
"I think what the President ... would insist upon, actually, is that he have the options and the freedom of movement to decide what kind of response we would employ," General Dempsey said.
"That's why I say I don't want to have necessarily a narrow conversation about what constitutes war in cyber, because the response could actually be in one of the other traditional domains" of air, sea, space or land, he said.
Sign up for Computerworld eNewsletters.