[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]





                   GOVERNMENT AND INDUSTRY EFFORTS
                      TO PROTECT OUR MONEY DURING
                       BLACKOUTS, HURRICANES, AND
                            OTHER DISASTERS

=======================================================================

                                HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                      OVERSIGHT AND INVESTIGATIONS

                                 OF THE

                    COMMITTEE ON FINANCIAL SERVICES

                     U.S. HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             FIRST SESSION

                               __________

                            OCTOBER 20, 2003

                               __________

       Printed for the use of the Committee on Financial Services

                           Serial No. 108-58


92-642              U.S. GOVERNMENT PRINTING OFFICE
                            WASHINGTON : 2003
____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800
Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001

                 HOUSE COMMITTEE ON FINANCIAL SERVICES

                    MICHAEL G. OXLEY, Ohio, Chairman

JAMES A. LEACH, Iowa                 BARNEY FRANK, Massachusetts
DOUG BEREUTER, Nebraska              PAUL E. KANJORSKI, Pennsylvania
RICHARD H. BAKER, Louisiana          MAXINE WATERS, California
SPENCER BACHUS, Alabama              CAROLYN B. MALONEY, New York
MICHAEL N. CASTLE, Delaware          LUIS V. GUTIERREZ, Illinois
PETER T. KING, New York              NYDIA M. VELAZQUEZ, New York
EDWARD R. ROYCE, California          MELVIN L. WATT, North Carolina
FRANK D. LUCAS, Oklahoma             GARY L. ACKERMAN, New York
ROBERT W. NEY, Ohio                  DARLENE HOOLEY, Oregon
SUE W. KELLY, New York, Vice Chair   JULIA CARSON, Indiana
RON PAUL, Texas                      BRAD SHERMAN, California
PAUL E. GILLMOR, Ohio                GREGORY W. MEEKS, New York
JIM RYUN, Kansas                     BARBARA LEE, California
STEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington
DONALD A. MANZULLO, Illinois         DENNIS MOORE, Kansas
WALTER B. JONES, Jr., North          CHARLES A. GONZALEZ, Texas
    Carolina                         MICHAEL E. CAPUANO, Massachusetts
DOUG OSE, California                 HAROLD E. FORD, Jr., Tennessee
JUDY BIGGERT, Illinois               RUBEN HINOJOSA, Texas
MARK GREEN, Wisconsin                KEN LUCAS, Kentucky
PATRICK J. TOOMEY, Pennsylvania      JOSEPH CROWLEY, New York
CHRISTOPHER SHAYS, Connecticut       WM. LACY CLAY, Missouri
JOHN B. SHADEGG, Arizona             STEVE ISRAEL, New York
VITO FOSSELLA, New York              MIKE ROSS, Arkansas
GARY G. MILLER, California           CAROLYN McCARTHY, New York
MELISSA A. HART, Pennsylvania        JOE BACA, California
SHELLEY MOORE CAPITO, West Virginia  JIM MATHESON, Utah
PATRICK J. TIBERI, Ohio              STEPHEN F. LYNCH, Massachusetts
MARK R. KENNEDY, Minnesota           ARTUR DAVIS, Alabama
TOM FEENEY, Florida                  RAHM EMANUEL, Illinois
JEB HENSARLING, Texas                BRAD MILLER, North Carolina
SCOTT GARRETT, New Jersey            DAVID SCOTT, Georgia
TIM MURPHY, Pennsylvania              
GINNY BROWN-WAITE, Florida           BERNARD SANDERS, Vermont
J. GRESHAM BARRETT, South Carolina
KATHERINE HARRIS, Florida
RICK RENZI, Arizona

                 Robert U. Foster, III, Staff Director

              Subcommittee on Oversight and Investigations

                     SUE W. KELLY, New York, Chair

RON PAUL, Texas, Vice Chairman       LUIS V. GUTIERREZ, Illinois
STEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington
MARK GREEN, Wisconsin                DENNIS MOORE, Kansas
JOHN B. SHADEGG, Arizona             JOSEPH CROWLEY, New York
VITO FOSSELLA, New York              CAROLYN B. MALONEY, New York
JEB HENSARLING, Texas                CHARLES A. GONZALEZ, Texas
SCOTT GARRETT, New Jersey            JIM MATHESON, Utah
TIM MURPHY, Pennsylvania             STEPHEN F. LYNCH, Massachusetts
GINNY BROWN-WAITE, Florida           ARTUR DAVIS, Alabama
J. GRESHAM BARRETT, South Carolina


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on:
    October 20, 2003.............................................     1
Appendix:
    October 20, 2003.............................................    33

                               WITNESSES
                        Monday, October 20, 2003

Abernathy, Hon. Wayne A., Assistant Secretary for Financial 
  Institutions, Department of the Treasury.......................     3
Allen, Catherine, CEO, BITS, The Financial Services Roundtable...    18
Kittell, Donald D., Executive Vice President, Securities Industry 
  Association....................................................    20
MacLean, Rhonda, Private Sector Coordinator, Financial Services 
  Critical Infrastructure Protection and Homeland Security, & 
  Director, Corporate Information Security, Bank of America......    15
Olson, Hon. Mark W., Member, Board of Governors, Federal Reserve 
  System.........................................................     5
Schmidt, Howard A., Vice President and Information Security 
  Officer, eBay, Inc., and former Chair of the President's 
  Critical Infrastructure Protection Board.......................    22

                                APPENDIX

Prepared statements:
    Kelly, Hon. Sue W............................................    34
    Abernathy, Hon. Wayne A......................................    35
    Allen, Catherine.............................................    42
    Kittell, Donald D............................................    52
    MacLean, Rhonda..............................................    57
    Olson, Hon. Mark W...........................................    65
    Schmidt, Howard A............................................    76

              Additional Material Submitted for the Record

Olson, Hon. Mark:
    Federal Reserve System letter, October 22, 2003..............    84
New York State Banking Superintendent Diana L. Taylor, prepared 
  statement......................................................    86
U.S. Securities and Exchange Commission, prepared statement......    92

 
                    GOVERNMENT AND INDUSTRY EFFORTS
                      TO PROTECT OUR MONEY DURING
                       BLACKOUTS, HURRICANES, AND
                            OTHER DISASTERS

                              ----------                              


                        Monday, October 20, 2003

             U.S. House of Representatives,
      Subcommittee on Oversight and Investigations,
                           Committee on Financial Services,
                                                   Washington, D.C.
    The subcommittee met, pursuant to call, at 2 p.m., in Room 
2128, Rayburn House Office Building, Hon. Sue W. Kelly 
[chairwoman of the subcommittee] presiding.
    Present: Representative Kelly.
    Also Present: Representative Kanjorski.
    Chairwoman Kelly. This hearing of the Subcommittee on 
Oversight and Investigations will come to order. This afternoon 
we are going to have a hearing on the government and industry 
efforts to protect our money during blackouts, hurricanes and 
other disasters. The blackout which began on Thursday 
afternoon, August 14, left millions of Americans in the dark in 
many ways. Many were stranded at work, wondering how to get 
home. I know many of my own constituents who work in New York 
City couldn't get home that night, and there were others that 
were stranded at airports and in other transportation systems 
wondering when to give up, try to find alternatives and try to 
get home through all the dark corridors.
    In the end, major cities from New York City to Detroit were 
without centrally generated power. Airports, water and sewerage 
plants and 9/11 emergency systems were shut down. The 
communications systems pretty much failed. It is now even 
clearer that the technology age that we live in, which allows 
us to provide services and access information in a heartbeat, 
has increased our reliance on power.
    It is imperative now that we review efforts to protect our 
systems and the infrastructure that is ever more entwined and 
dependent on one another. At the heart of critical 
infrastructure is the safety and soundness of the financial 
services sector. Fortunately through all of this, it appears 
that the financial services sector did not suffer any serious 
negative impacts, but we need to use the recent blackout as a 
test to assess the security and dependability of our financial 
systems. Without a doubt, there are lessons to be learned and 
improvements to be made.
    Today we welcome Wayne Abernathy, the Assistant Secretary 
for Financial Institutions at the Treasury Department, who will 
release a special report. If you are looking for it, this is 
what it looks like. He is going to release a special report on 
the impacts of the blackout that will be crucial as to how to 
handle disasters in the future. Assistant Secretary Abernathy 
worked around the clock with many of our other witnesses who 
will be here today to implement backup plans during the 
blackout.
    Joining Assistant Secretary Abernathy on our first panel is 
Federal Reserve Board Governor Mark Olson, who is also very 
instrumental in these efforts.
    Keeping our financial systems functioning and safe requires 
a high degree of coordination between many different and 
important parties, both public and private. The private sector 
witnesses on our second panel are leaders in protecting 
critical financial assets from major disasters. These 
witnesses, along with others in the private sector and 
government who couldn't be represented here today, worked to 
ensure that our money supply and funds flow would not be 
jeopardized. The Depository Trust and Clearing Corporation, the 
New York Stock Exchange, Nasdaq, and associations such as the 
Bond Market Association played key roles to keep the markets 
working during the blackout.
    Many other agencies were also involved in addition to the 
Treasury Department and the Federal Reserve System, including 
the SEC. As the regulator of the Nation's largest financial 
institutions, the supervisor of the New York State Banking 
Department, my good friend Diana Taylor, also played a key 
role. We thank the SEC and Ms. Taylor for their written 
statements which, without objection, we will submit into the 
record.
    [The prepared statement of the Securities and Exchange 
Commission can be found on page 92 in the appendix.]
    [The prepared statement of Diana L. Taylor can be found on 
page 86 in the appendix.]
    Chairwoman Kelly. We really appreciate their statements. We 
look forward to hearing accounts of how our witnesses managed 
during the blackout and how emergency plans for protecting 
critical infrastructure, the ones that have been in place 
before September 11, how they worked. There is no better 
indicator of success of those plans than the fact that there 
was apparently no financial panic either during or after the 
blackout.
    We also want to hear how prepared everyone was for a major 
hurricane and whether they understand what these plans are and 
whether or not Hurricane Isabel had any serious consequences.
    I thank the witnesses for appearing here today and look 
forward to your testimony. Together, I hope we can ensure that 
our financial systems continue to function smoothly under all 
circumstances and the American people will continue to have 
confidence in the financial services sector.
    The Chair notes that there will be members coming from the 
full committee and there will be members coming from this 
subcommittee. So, without objection, all members who have 
statements, questions to ask of the panels, and we ask the 
answers to those questions be included in the record. So, 
without objection, so ordered.
    With that, I will introduce our first panel. We welcome 
Honorable Wayne Abernathy, Assistant Secretary for Financial 
Institutions at the Treasury Department, and the Honorable Mark 
Olson, member of the Board of Governors of the Federal Reserve 
System. The SEC was unable to appear today due to scheduling 
conflicts, so we invited the Commission to submit the statement 
which I have submitted for the record.
    Additionally, I invited Ms. Diana Taylor, supervisor of the 
New York State Banking Department, to submit a statement as 
well about her activities in this area. So, with unanimous 
consent, we have entered their statements in the record.
    We thank you, Mr. Abernathy and Mr. Olson, both for 
testifying before us and we welcome you on behalf of the 
committee. So, without objection, your written statements and 
any attachments will be made part of the record. And, without 
objection, we are going to continue this hearing. I would hope 
that you will give me a 5-minute summary of your testimony, 
because your testimony will--your full testimony will be in the 
record.
    You will now be recognized for that 5-minute testimony. 
When the light changes color, you probably know, you have--when 
it goes from green to amber, you have 1 minute to pull your 
thoughts together and give us a summary. When it goes red, the 
5 minutes is over.
    Chairwoman Kelly. And we will begin with you, Mr. 
Abernathy. It is very--I am very pleased to have you here with 
us today. Go to your testimony now, please.
    [The prepared statement of Hon. Sue W. Kelly can be found 
on page 34 in the appendix.]

 STATEMENT OF HON. WAYNE A. ABERNATHY, ASSISTANT SECRETARY FOR 
       FINANCIAL INSTITUTIONS, DEPARTMENT OF THE TREASURY

    Mr. Abernathy. Thank you, Chairwoman Kelly, and members of 
the subcommittee. It is a pleasure to be here today. I am today 
representing not only the Department of the Treasury, but also 
the Financial and Banking Information Infrastructure Committee, 
or FBIIC. The FBIIC is charged with improving coordination and 
communication among financial regulators, enhancing the 
resilience of the financial sector and promoting communication 
and coordination with the private sector entities that make up 
and operate within our financial services sector. I represent 
the Department of the Treasury in chairing that committee.
    Following recent events, the FBIIC conducted a review and 
compiled a written report that you kindly mentioned in your 
statement, The Impact on the Recent Power Blackout and 
Hurricane Isabel on the Financial Sector, which the FBIIC is 
releasing to the public today, and I submitted a copy of the 
report together with my statement.
    Both in preparation for potential disruptions and in 
responding to actual threats, we are guided by four principles 
in order of importance:
    First, and most important, we must remember in all that we 
do to protect our financial infrastructure, that it is always 
about people. It is the people that make our financial 
institutions work, people that design the systems, people that 
make them successful, people that innovate to keep them fresh 
and dynamic, and it is people whom they are designed to serve; 
people who rely upon financial services for so many aspects of 
their daily lives.
    Second, because it is about people, it is about confidence. 
Our financial institutions operate on confidence, but they also 
promote confidence. In fact, confidence is what our financial 
institutions must provide; confidence that financial 
transactions will be carried out, that checks will clear, that 
bills will be paid, that investments will be made, that 
insurance promises will be kept. The confidence provided by 
financial institutions plays a big part in helping to cope with 
the trauma of disaster.
    Third, essential to that confidence is open markets. 
Financial institutions should be open for business, allowing 
Americans everywhere to engage in their business even during, 
or especially during, times of stress. It is important for 
financial institutions and markets to continue to operate as 
close to business as usual as possible.
    The fourth guiding principle is that we want to promote 
local decision making and problem solving both as we prepare 
for disruptions and as we weather them. The experts that are on 
the ground and in the field are in the best position to 
determine what steps should be taken to protect employees and 
customers. We will help where we can, where we need to, but we 
intend to leave the responsibility with the financial 
institutions and the regulators that are closest to the 
problems to find the solutions. Initiative and ingenuity are 
the most powerful tools to deal with any disruption, and we 
must give full room for their exercise.
    Impact of the power outage of August 14, 15, 2003. The U.S. 
financial system handled the outage well. The bond market and 
major equities and futures markets were able to open the next 
day for business at their usual trading hours. Neither the 
Department of the Treasury nor any of our companion financial 
regulators received reports of lost data, significant failed 
transactions or other similar problems. Although there were 
isolated reports of telecommunications difficulties, the 
problems were minor and the participants resolved these 
problems during the day. Banks and credit unions also performed 
well.
    Although the impact of Hurricane Isabel was less 
significant in degree, it was quite similar in kind to the 
impact of the power outage. Both resulted in widespread 
disruptions of electric power and the businesses that depend on 
it. However, the storm did not adversely affect the financial 
markets.
    There are several reasons why the U.S. financial system 
fared so well. First and foremost, the men and women who work 
in the financial system did an extraordinary job. During the 
outage many stayed at their posts to ensure that their systems 
preserved and processed data from trading on Thursday and that 
their systems would be prepared to resume trading the next day, 
on Friday. Almost immediately after the power went out on 
Thursday, financial institutions began asking themselves not 
whether they would open for business the next day, but how they 
could best serve their customers' needs. This commitment to 
serve customers even in times of adversity is important. I wish 
to note that financial institutions decided on their own that 
they would open for business the next day. They did not wait 
for guidance from Washington.
    There are many other things that we learned in terms of 
problems that we need to resolve. Perhaps the most important is 
the way in which our financial services sector depends on 
several others. For that reason, I would say even though the 
U.S. financial system is more resilient today than it was a 
year ago, the men and women who work in the system help make it 
so and they are the ones continuing to work on the problem 
today.
    Our job is not finished. It is a big job. To paraphrase 
Winston Churchill, we are not at the end or even at the 
beginning of the end, but we might be nearing the end of the 
beginning. Americans and the world can rely with increasing 
confidence on the U.S. financial system. Thank you.
    Chairwoman Kelly. Thank you very much, Mr. Abernathy.
    [The prepared statement of Hon. Wayne A. Abernathy can be 
found on page 35 in the appendix.]
    Chairwoman Kelly. Mr. Olson.

  STATEMENT OF HON. MARK W. OLSON, GOVERNOR, FEDERAL RESERVE 
                             SYSTEM

    Mr. Olson. Thank you very much, Chairwoman Kelly. Thank you 
also for inviting us and thank you for holding this important 
hearing. My comments will be very similar to Wayne Abernathy's 
and very similar to the summary that you just went through with 
respect to the impact on the financial services industry. My 
focus will be from the vantage point of the Federal Reserve 
System and on the banking industry. And to repeat what you 
said, the markets remained calm and by and large and the 
citizens remained calm. Disruptions were relatively minor, more 
so I think as a result of the power outage than the hurricane, 
so I am going to focus a little bit more on the power outage 
and a little less so on the impact of the hurricane.
    I think to start off, it is important to remind ourselves 
the fact that the disruptions were minor was not accidental. 
The banking industry has been faced with business disruptions 
over the course of its history and we had learned that business 
interruption is a fact of life of managing the financial 
services system. As a result of that, we make business 
continuity planning a very important part of our expectation 
for banking executives and we examine for the capacity and the 
capability of business continuity planning.
    Also, I think it is important to remember that the events, 
first of all of Y2K and then the tragedy around September 11, 
2001, has introduced elements of risk exposure with respect to 
business continuity that have required that we elevate the 
level of our preparation.
    With specific focus on the power outage, as you recall, it 
occurred very late in the day on Thursday at about 4:11 or so, 
and the capital markets had closed, but very quickly the 
markets indicated that they would be open the following day, on 
Friday. As you probably know, banks are not allowed independent 
discretion as to whether or not to open during the normal 
banking day, but both the Comptroller of the Currency and many 
of the State bank commissioners very quickly allowed for 
closings should they be required. Our indication is that only 
perhaps a dozen banks in the entire impacted area closed, and 
that would be a dozen out of a universe in those States perhaps 
between 500 and 700 total institutions. So it was very small.
    The liquidity of the markets was relatively unimpacted. The 
Federal funds market was impacted slightly and there was some 
volatility and that had to do with the fact that the Federal 
funds market is the interbank borrowing/lending vehicle and 
many of those transactions do not settle until the end of the 
day. So those were about to settle about the time that the 
power outage occurred. And so while there was volatility, it 
was not significantly disruptive. Also the following day, on 
Friday, as a result of the carryover, there was some volatility 
also.
    From the consumers' point of view, the major impact was 
access to ATM machines. Some ATM machines remained open either 
because the branch had backup power or because the ATMs were on 
battery power. Consumers in general are not unused to 
experiencing some kind of disruptions with respect to access to 
ATMs. ATM machines are increasingly ubiquitous so it is not our 
perception that there were major problems. There are five 
separate Federal Reserve facilities in the area of the power 
outage. All of them had backup power from generators and all of 
them were fully functioning. As far as we know--and this is 
exactly what Wayne said--we are not aware of any financial 
records that were destroyed in the process.
    With respect to Hurricane Isabel, the major advantage in 
preparation was that it was well anticipated. And as a result, 
there was more extensive advance preparation, and that was 
evident. And key, of course, was the communication. In terms of 
the agency coordination, we could see evidence of coordination 
on three levels almost immediately from the vantage point of 
the Fed. There was communication immediately among the Fed 
institutions and also among the agencies, the FFIEC and then 
more broadly among the Federal Government agencies, so the 
coordination was very strong.
    Lessons learned: Probably the most important lesson learned 
from our perspective is that the best response is to be well 
prepared. It is a variation of a good offense is the best 
defense. But clearly as a result of the preparation, the 
anticipation of the reverse of what could go wrong helped limit 
the disruption.
    Point number two, communications was important. And you can 
quantify to an extent the value of good communications. The 
Treasury markets for example were opened longer than the equity 
markets and the Treasury market dropped about 10 basis points. 
Long bonds dropped about 10 basis points almost immediately. As 
soon as the announcement was made that the outage was not as a 
result of a terrorist activity, the markets responded very 
quickly by returning to the pre-outage level. And that is a 
strong indication of the value of good communication. In 
addition to the announcement that the markets would open again 
on Friday, these two announcements went a long way I think in 
helping calm the general public.
    I think another important lesson learned is the need not 
just for an immediate backup facility, but the ability also to 
provide for what might happen if that backup facility is 
required to stay functioning for some period of time; for 
example, availability of a fuel source for institutions using 
generators.
    Chairwoman Kelly, we were very proud of the fact that 
within the Federal Reserve System a number of our employees 
came in on Thursday and Friday during the hurricane, many of 
whom stayed overnight. I would like to submit their names for 
the record and make it a permanent part of this hearing.
    [The following information can be found on page 84 in the 
appendix.]
    Chairwoman Kelly. So moved.
    Mr. Olson. And that concludes my opening remarks, and I 
would be happy to answer any questions.
    [The prepared statement of Hon. Mark W. Olson can be found 
on page 65 in the appendix.]
    Chairwoman Kelly. By all means, do submit the names of the 
people who did spend many hours apparently sleeping on the 
floor or working all night long. If you will get that to my 
office, we will try to see that they get some recognition and 
thanks for what they did. It is imperative for the U.S. economy 
that the markets stay open and that the banks stay open, so I 
am delighted to be able to acknowledge their efforts.
    Thank you, Mr. Abernathy, for your testimony. I want to 
remind both you--both of you and the panelists for the next 
panel, I not only sit here on the Financial Services Committee, 
but I am also on the Transportation and Infrastructure 
Committee. And I was very interested in some of the testimony 
today that I was reading about the fact that there were some 
infrastructure problems here. I think we need to put our heads 
together and work to make sure it is just not the power grid 
going down that was the problem. From what I understand, there 
were issues like potable water and transportation issues with 
regard to getting fuel where it needed to go to keep the 
generators going, things like that.
    I would be very interested in working with both of you and 
with our next panelists on addressing specifically what went 
wrong to see if there is something I can do to help that 
situation from a transportation and infrastructure decision as 
well. So thank you very much.
    I just want to ask a few questions here of both of you. I 
would like to get a few details about your activities and those 
of the staff.
    Mr. Olson, you told us your staff was there. I would like 
each of you to tell me where you were when the August 14 
blackout occurred. I am more interested in that because it was 
a sudden occurrence. We had a lot of preparation. We knew the 
hurricane was coming, so people could prepare for it. But with 
a blackout, that is a sudden act and equal to something that 
could be akin to a terrorist act. So to me, it is very 
important to know how this all worked.
    And I agree with you, Mr. Olson, in your statement. I 
believe in this instance with regard to the financial services 
of America, the Boy Scout motto is the best: Be prepared.
    With that in mind, tell me where you both were on the 
afternoon of August 14, and I would like to know whether or not 
you were able to be in communication with the other regulators 
and the private sector counterparts, what worked and what 
didn't work for you. If you could develop that for me, I would 
appreciate that.
    Mr. Abernathy. If I may begin, Ms. Kelly, it is very 
fortuitous, that particular day we had chosen ahead of time as 
an opportunity to test one of our backup facilities and I was 
actually at one of the Treasury Department's backup facilities 
testing our ability for me to do my job from a location other 
than at main Treasury when this additional test occurred. And 
one of the aspects of the test that made it very rewarding to 
us was that it presented a compound question: Can we not only 
operate from that backup facility but can we operate in a 
crisis situation? And the answer is yes. I was able to do 
everything I could have done from my office in main Treasury at 
this backup facility. I was in constant communication with the 
other regulators. I was in regular communication with the 
financial services sector. I could contact the different 
regulators and ask them how are your markets doing, any 
disruptions, and I was very pleased that we are able to test 
both our ability to coordinate but also coordinate from an 
unusual site.
    Chairwoman Kelly. For you, what the systems were that you 
had in place at that time, they worked as far as you could see?
    Mr. Abernathy. Yes.
    Chairwoman Kelly. Mr. Olson.
    Mr. Olson. It occurred late afternoon on the Thursday. And 
in response to your comment about the Boy Scout motto, ``Be 
Prepared,'' I was fortunate that our resident Eagle Scout, 
Steve Malphrus, was available and he came into my office and 
indicated that there had been a power outage. As a result of 
some of the preparation that we had been through and as a 
result of the prioritizations that we had done previously, our 
first question was, are our people all right? That was the 
first that we have--as a result of the preparation we have 
done, that is--that is the first question we asked.
    Second question we asked, are the Fed facilities 
functioning? And we determined fairly quickly that they were 
functioning.
    I think priority number three was to focus on Fedwire. 
Fedwire is the large dollar payment system, and because of the 
fact for the most part the telecommunication system continued 
to work, Fedwire worked very well. We then initiated 
coordination with the other agencies. And as a result, we were 
able to learn fairly quickly that, for example, the OCC had 
given its pronouncement with respect to opening the following 
day. In terms of the priority, it was people, systems, 
facilities.
    Chairwoman Kelly. Thank you. Each of you spent a number of 
years dealing with disaster planning in the financial services 
sector. I would like to have you grade where we stand now and 
how far we have come.
    Let us start with how far you think we have come in terms 
of the grading scale. On a scale of zero to 10, with zero 
representing the most vulnerable and 10 representing the total 
fixing of the problem, the ideal, we had some vulnerabilities 
which may have gotten fixed over the Y2K problem, but I would 
be interested in your rating where we were and where we are now 
just on a scale of 1 to 10 to kind of give me an idea of what 
we need to do here.
    Mr. Abernathy. Well, I think that presupposes a level of 
precision beyond where we are, but let me try to address the 
question this way. We certainly have been building upon 
preparations that have been in place over a number of years, 
and this is not something that the financial services sector 
woke up to in 2001. As you have correctly pointed out, a lot of 
what we rely upon today began in preparation for the Y2K 
phenomenon. And that built upon other efforts that had already 
been in place. We have financial institutions recognizing a lot 
of their strength comes from their reliability, and the 
reliability depends on the ability to operate when there is a 
disruption.
    But each year has added to the ability to deal and cope 
with a new challenge. Each new challenge presents some new 
challenge that we didn't have before. I think what we have 
learned from the blackout was the more significant degree of 
interrelationship between the different infrastructures, as you 
pointed out, how communications and transportation, how water 
and other infrastructure tie into the ability of the financial 
infrastructure to operate and how they are interrelated. That 
is something we are probing now more than we did a few months 
ago, although we had been doing some of that up to that point. 
Probably the best I can do with regard to numbers, I would say 
we are much closer today to 10 than we are to zero.
    Chairwoman Kelly. Mr. Olson.
    Mr. Olson. Let me just elaborate a little bit on that. 
First of all, I think that if you would have asked the 
question, for example, in 1999, the scale of 1 to 10 would have 
been--would have covered a limited range. Our understanding of 
the range of potential catastrophes is now much broader than it 
was then. We have a wider universe of potential issues.
    Let me give you one specific example. Prior to September 
11, in most of the business continuity planning that was done 
in the banking industry around the country, the expectation was 
that people would be there. Now as a result of 9/11, we 
recognize that we now have to plan under the assumption that 
perhaps the people won't be.
    So I think we are still quantifying the extent to which we 
fully understand the risk exposures. I would say an 8 on a 
scale of 10 in terms of where we are now, because I think what 
we are doing better now than we had done before is that we have 
taken seriously all the planning and the need for additional 
testing and conducting some dry runs. I think Wayne Abernathy's 
experience, that he just described at Treasury, is typical of 
the way we are now managing that risk exposure.
    Chairwoman Kelly. Thank you.
    Mr. Olson, I just want to ask one question about another 
piece of your testimony. You said that most--there were many 
ATMs that were affected, but where they were located in banks 
and so forth, they were up and running. There are ATMs now in 
supermarkets, in little corner grocery stores, at a bodega, 
whatever. When the power went down I would have to assume that 
those were the ATMs that were affected, were they not?
    Mr. Olson. Probably. If they didn't have some kind of a 
backup power facility, either a generator or battery, those 
probably would have been the ones affected. Even within the 
banking industry, there are some ATMs that do not have a 
generator backup facility or battery backup facility, but there 
are some kiosks, for example, where there are ATMs. So some of 
those might have been out also.
    Chairwoman Kelly. I am wondering if it would be a function 
that perhaps we should consider--perhaps you should consider. 
We certainly don't need a law, but as you say, be prepared. We 
should help the public be prepared. And I am wondering if we 
should ask the people who own ATM machines that did not have 
backup power to post a notification that in the event of a 
blackout the ATM will not work, so that people understand that 
they can't in a blackout go to those machines and expect them 
to work. I don't know how many lives that would affect, but it 
seems to me we should let people know what they got, because 
many people do rely on a regular basis on the ATM being 
available, and certainly people did try to get money from ATMs 
in places in New York City and in my district and they were not 
working. I don't know what you think of that. Maybe you would 
like to tell me.
    Mr. Olson. I think it is an excellent question. And I would 
like to look into it and get back to you regarding what we have 
learned from that experience and the extent to which people 
were--the extent to which they were disadvantaged and the 
extent to which they were aware of alternatives and could 
access those alternatives. But we would be happy to follow up 
and get back to you on that.
    Chairwoman Kelly. My concern is if it is in fine print when 
you sign up to get an ATM card, you are not going to notice 
that. But if it is printed on a sticker that is on the machine 
somewhere that it will not function during a blackout, that is 
a good thing for all of us to know. I think it is a good thing 
for all of us to know.
    Mr. Olson. There may be implications to that that aren't 
occurring to me at the moment, but we will look at that very 
carefully and be happy to respond.
    Chairwoman Kelly. There are two other questions I would 
like to ask and then we will go to Mr. Kanjorski.
    Mr. Abernathy, what impact did the move of the Treasury 
personnel to start the Homeland Security Department have on the 
Department's capabilities with regard to disaster planning and 
recovery?
    Mr. Abernathy. As you know, Madam Chairman, we are in the 
process of the Homeland Security Department getting on its 
feet. But already in its early stages, I think one of the 
benefits we had was in this question of interrelating one 
particular sector with another, so that as we were looking at 
the financial services sector and finding out why certain 
operations continued to operate, they told us, well, we can 
keep going for x number of hours but we are going to run out of 
fuel at some particular point. We can take that question then 
to the Homeland Security Council and say the financial system 
is working well, but we may need fuel oil to be able to power 
generators or diesel. And so we could go to them and, say, 
bring that problem and they can deal with it and understand the 
importance of it and have in place systems to deal with that. 
So I think it helped in the process of connecting the different 
sectors together.
    Chairwoman Kelly. Good. That was part of the effect that we 
hoped would happen.
    The other thing I would be interested in hearing is have 
you done any--just sort of prior simulations of a blackout in 
any--I mean, this was not a simulated blackout on August 14, 
but are there simulations that you have run? Did you run one in 
New York City? And this is for both of you. I am interested in 
what magnitude, if you did run simulations, what the magnitude 
was and whether or not that actual blackout experience we had 
met what the parameters were that you had set in place if you 
had run those simulations.
    Mr. Abernathy. We have participated in a number of 
simulations, some of which we sponsored, some of which have 
been sponsored by other agencies of the government. I don't 
recall that any of the ones that we participated in envisioned 
a blackout affecting 50 million people stretching from New York 
City to Detroit. I will say this, though, and I made the 
comment frequently afterwards to our staff and others as we 
looked at how we dealt with the crisis. We were able to deal 
with the problems related to the crisis not because we had 
practiced that particular simulation before, but because we had 
gone through a different number of simulation exercises, we had 
learned to deal with the unexpected and we learned how to 
communicate with one another and work through problems that we 
hadn't envisioned ahead of time. And that kind of exercise, the 
fact that we have gone through a number of different 
simulations, really paid off very well during the blackout.
    Chairwoman Kelly. I am sure probably what you had done went 
a long way to keeping consumer confidence in the market.
    Mr. Olson, do you want to answer that?
    Mr. Olson. I could repeat exactly what Wayne said, but let 
me give you an example of how it worked in the financial 
services industry. When the tragedy of September 11 occurred 
and airplanes couldn't fly and there was a tremendous amount of 
disruption in the economy, what we discovered, what financial 
institutions discovered, is they went back to the business 
continuity planning that they had done for Y2K and took all of 
the disciplines from the Y2K preparation, and those disciplines 
were immediately effective for them on 9/11.
    And so that is a good example of how you plan for business 
disruption, but not necessarily for a specific one, but the 
planning has multiple benefits when you plan broadly.
    Chairwoman Kelly. Thank you very much. I want to again--I 
want to hold this report and tell you I read the draft report 
on this and I was very, very impressed with the ability that 
you had in place already before that blackout to hold things 
together, let the markets continue to function. Of course, we 
were lucky because it happened at the end of the trading day in 
some instances; but having that report, I think, should go a 
long way to a certain stability and people's expectations with 
regard to anything else if we have another blackout.
    I am going now to Mr. Kanjorski.
    Mr. Kanjorski. Thank you Madam Chairman.
    Mr. Abernathy, you discussed the fact that the American 
Stock Exchange remained closed for most of the following day 
after the August blackout. How will the interagency paper 
finalized earlier this year and in the process of being 
implemented by the private sector help to ensure that similar 
events do not occur in the future as major financial entities 
work to establish their backup facilities required by this 
guidance? What are the most important issues for them to 
consider with respect to electricity, telecommunications, 
transportation and water resources?
    Mr. Abernathy. I think those are the key elements to look 
at. The purpose of the white paper--we didn't participate in 
the drafting of the white paper, although we are the consumers 
and commentors on it--that was a project of a number of the 
financial agencies themselves. But what we have learned from 
that and how it applied in the blackout is there are a number 
of things you can do to deal with the foreseeable, such as 
providing distance, providing training for personnel, making 
sure that you have not only facilities located in another 
place, making sure your backup system may not be exactly the 
same place as someone else's backup system is. One of the 
problems we discovered in 9/11, a lot of people had backup 
facilities, but they all had the same ones. They were sharing 
the same backup facilities.
    So one of the things we learned through the white paper is 
not only ask what are your backup facilities, but how much do 
they overlap with someone else's. And sometimes the backup is--
requires a backup to the backup, and that is a case that we 
have in some of the financial institutions. We have a first set 
of backup facilities in place, but the backup to those are now 
coming on-line as well, which will further reinforce our 
ability to switch. The other thing is make sure you have the 
personnel available to run these facilities.
    And time, I guess, is the other factor, I would emphasize. 
Not only do you have the backup facility, but how quickly can 
it come on line. The more quickly you can bring your backup 
facility on line, the more quickly you can limit the damage 
from a disaster, and, particularly if it is a terrorist attack, 
the more you can take away the fruits of that terrorist attack 
that the terrorist is looking for. The terrorist is looking to 
disrupt our ability to engage in commerce. The more quickly you 
can bring your backup facilities on-line, you can deny that 
terrorist what he is trying to obtain.
    Mr. Kanjorski. Is there any task force that has the 
Congress's participation in the white paper or the interagency 
paper in terms of whether we are getting there, whether we are 
covering everything? As I understand the interagency paper, it 
states that a facility must be located beyond 50 miles of 
Manhattan, and I suspect that that is in order to provide for a 
nuclear blast. In case the city was struck by a nuclear weapon, 
they would want to be more than 50 miles out of the territory.
    Mr. Abernathy. If I could make one comment, I think the 50 
miles was in the original draft paper and since has been 
replaced with a more subjective requirement that you should 
have adequate distance or adequate time. The goal is you are 
able to get your system back up within certain time frames.
    Mr. Kanjorski. Within 2 hours.
    Mr. Abernathy. Right. It may be that distance provides 
that. It may be in a financial institution you don't need the 
distance, you just need to have separate types of electronics 
or personnel.
    Mr. Kanjorski. Is somebody putting guidance together? What 
happens if I am handling a large part of the trades on the 
markets and am 10 miles away but within the blast zone? Is that 
considered a backup facility?
    Mr. Abernathy. Those issues are the ones we wrestle with 
every day. And I would say the follow-up entity to carry out 
those recommendations would be the FBIIC, that on a regular 
basis compares notes with one another, encourages each 
particular financial agency to be working with their regulated 
entities to see how they are doing and implementing those 
guidelines that are put in place in the white paper; reviewing 
to what extent the guidelines that are in the white paper and 
other guidelines have become out of date due to new things we 
know as a result of the infrastructure as well as changing 
technologies.
    Mr. Kanjorski. Well, the August blackout was very 
informative in terms of comparing that overlay with the 
original thinking in the interagency paper. If you look at it 
and making the assumption that the 50-mile radius is the 
intelligent radius to be away from your major facility, then 
you look at what happened to electricity and find out that 
about half of the zone that you could relocate in, that was in 
the same power grid. So obviously that wouldn't be a retreat 
area.
    And then the most significant part I think is the 
watershed. New York City is served with both the Hudson 
watershed and Delaware watershed. And in case of biological 
attack, it would seem to me if I were a terrorist, I would go 
way upstream and I would blank out a good half to two-thirds of 
acceptable area that backup facilities could be located in.
    Is somebody testing the judgments of the companies that are 
making the decision to put a continuity business facility in 
place, or are we relying totally on their judgment to do that?
    Mr. Abernathy. That is something in particular that 
Governor Olson can talk about. What we understand from the 
financial regulators, that kind of judgment is a constant 
source of discussion between the financial supervisors and the 
people they supervise. There is a discussion that continuously 
takes place in the examination process as well in the process 
of implementing and designing sources of resiliency.
    Mr. Kanjorski. Governor, do you want to pass on that?
    Mr. Olson. I will support what Wayne Abernathy said. As 
part of the supervision that we would do for financial 
institutions, as we would examine their business continuity 
planning. The FFIEC, the coordinating group, recently expanded 
the criteria that we use in our examination of business 
continuity planning from the banking industry. But you hit on 
the key ones. Environmental is certainly one. Infrastructure is 
certainly one. Availability of people is another one. And the 
impact, for example, of an evacuation would be another one that 
would be used. And since post-9/11, we have expanded the 
expectation.
    But there are two keys. First of all, and the most 
important one, is people. Are you allowing for the safety of 
the people? And point number two, it is the speed of recovery 
to get the systems back on track. So as Wayne Abernathy 
suggested, the idea of a specific mileage implication to it or 
criteria to it is less important than to be able to demonstrate 
the capability to respond.
    Mr. Kanjorski. One of the areas I noted in watching the 
various plans is the lack of adequate infrastructure for 
telecommunications for relocation sites. Most of these 
institutions have to have merit data recording, which means 
they have to use fiber optics and they are restricted to the 
speed of light, so they are restricted as to how far out they 
can locate from Manhattan. And I think the parameter for most 
of the technology companies that I have talked to is about 125 
miles from Manhattan. The problem that is occurring, however, 
is some areas that are viable for continuity of business 
relocation sites do not necessarily have in place the fiber 
optic systems to carry the transactional load that would be 
required for continuity of business backup.
    I guess my question to you is, are we going to do anything 
in the homeland security bill or appropriations to either 
assist utility companies or communication companies to lay that 
fiber optic, or is that going to be the sole burden of the 
companies that want to locate facilities?
    Mr. Abernathy. I can't really respond to what is in the 
appropriations bill with regard to telecommunications. That is 
not something----
    Mr. Kanjorski. To my knowledge there is nothing.
    Mr. Abernathy. But I would like to emphasize, though, that 
you are exactly right that telecommunications plays an 
important role on how we run our financial services. Of all the 
other different systems that interact with the financial 
services, I would probably place telecommunications right at 
the top. And one of the things we are engaged in and looking at 
very carefully is how dependent we are, and how building up 
redundancies in the telecommunication system can be brought 
forward, keeping in mind how important that is.
    Mr. Kanjorski. Even, Mr. Abernathy, getting an inventory of 
systems in place. Many companies refuse to disclose the 
locations or distances of their fiber optic systems. And it is 
difficult for someone to site a continuity of business 
location, not knowing what the route is or the difficulty of 
the distance to the relocation site.
    All I am raising is that there is a need for a little more 
comprehensive activity on the part of Treasury, the Federal 
Reserve, and the other regulators that are involved to make 
sure that we get some redundancy and we get some cooperation 
between other Federal and State agencies with the private 
sector to make sure the infrastructure is available for 
companies to make the proper decision as to when they can 
locate, where they can locate, and how quickly they can be back 
up in business.
    Mr. Abernathy. I would say that interrelationship is the 
number one lesson we learned from the blackout, which is the 
interrelationship of all the different systems.
    Mr. Kanjorski. Tell me we are moving very quickly and in 18 
months we are going to have all those continuity of business 
locations.
    Mr. Abernathy. We are working very hard on it.
    Mr. Kanjorski. If we want to work with someone at Treasury 
or the Federal Reserve, who should we be talking to?
    Mr. Abernathy. In the congressional office, John Duncan 
would be the person for Treasury.
    Mr. Olson. In our case, Steve Malphrus, who happens to be 
here, but he is the communications point.
    Mr. Kanjorski. He is the guru.
    Chairwoman Kelly. Thank you. I would like to simply say 
that representing the area that I do, which is 50 miles north 
of New York City and the entire lower third of New York City's 
drinking systems plus major manufacturing, IBM, huge number of 
things in my district, we have addressed some of these things. 
And I think Mr. Kanjorski's question about somewhere, even if 
it has to be kept at an above-secret level, there ought to be 
some kind of an inventory, that is not a bad question. But I do 
know that some of this has been addressed, because I also 
represent the Indian Point nuclear plants and we have looked at 
not only evacuations but some of these other questions that had 
been raised.
    I would hope that we can work with you both if you have 
needs with regard to infrastructure, so we can make sure we 
have what you need and we can work together.
    The Chair notes that some members may have additional 
questions for the panel. They may wish to submit them in 
writing. Without objection, the hearing record will remain open 
for members to submit questions and place responses in the 
record.
    This panel is excused with the committee's great 
appreciation for your time. Thank you very much.
    I would like to introduce our next panel. First is Ms. 
Rhonda MacLean, Private Sector Coordinator, Financial Services 
Critical Infrastructure Protection and Homeland Security 
issues, and the Director of Corporate Information Security at 
the Bank of America; Ms. Catherine Allen, CEO of BITS, at the 
Financial Services Roundtable; Mr. Donald Kittell--hope I 
pronounced that right--Executive Vice President of the 
Securities Industry Association; and Mr. Howard Schmidt, Vice 
President and Information Security Officer at eBay, and the 
former Chair of the President's Critical Infrastructure 
Protection Board. We thank you all.
    Chairwoman Kelly. And we will begin with you, Ms. MacLean.

   STATEMENT OF RHONDA MACLEAN, PRIVATE SECTOR COORDINATOR, 
   FINANCIAL SERVICES CRITICAL INFRASTRUCTURE PROTECTION AND 
    HOMELAND SECURITY, AND DIRECTOR, CORPORATE INFORMATION 
                   SECURITY, BANK OF AMERICA

    Ms. MacLean. Thank you, Chairwoman Kelly and Representative 
Kanjorski, as well as members of the subcommittee for inviting 
me here today for this important hearing. I am honored to be 
here to speak on behalf of the financial services sector and my 
role as the Department of Treasury-appointed Private Sector 
Coordinator for Critical Infrastructure Protection. The 
financial sector chose to form a Financial Services Sector 
Coordinating Council with the public sector support and 
encouragement and with Treasury's leadership.
    I want to recognize Treasury Assistant Secretary Wayne 
Abernathy and Deputy Assistant Secretary Michael Dawson for 
their instrumental leadership in promoting and supporting our 
efforts for an effective public-private partnership. It has 
really served as a model for other sectors such as 
telecommunications and energy and the like. The council 
consists of 25 organizations that through their constituents 
represent the majority of the financial services sector. These 
organizations include key national exchanges; clearing 
organizations; trade associations in the banking, securities, 
bond, and insurance segments of our industry; and key 
professional institutes.
    Information provided in my written testimony identifies the 
members of our council and additionally includes a diagram 
depicting an extremely important aspect of why we believe our 
sector has such an effective and real public-private 
partnership at the sector level.
    As Mr. Abernathy indicated, the public sector has formed 
the Financial and Banking Information Infrastructure Committee, 
the FBIIC. And periodically both members of our council and the 
committee need to discuss and work together to address sector-
wide issues and initiatives that focus on strengthening the 
resiliency of our sector.
    Our councils work on five strategic areas and I will 
briefly discuss each of those:
    First is the information and dissemination and information 
sharing. Our goal here is to provide a universal service for 
disseminating trusted and timely alert and warning information 
to all sector participants. We believe that this type of 
information sharing will continue to increase the general 
overall knowledge about physical and cybersecurity operational 
risks that face our sector. We have gone from approximately 70 
financial institutions receiving this important information to 
now over 8,000 who are receiving this information today. This 
significant step forward in our goal was accomplished through 
the many council members leveraging their constituents' 
contacts to distribute the critical alerts. Our next generation 
ISAC will continue to improve on this information dissemination 
directly to the financial institutions themselves. The sector 
awareness and outreach activities we are implementing is a 
program for homeland security and information--critical 
infrastructure protection initiatives that include regional 
forums. The local and regional efforts are in most cases the 
front lines in the times of crisis and are an important element 
in the overall communications flow during the times of crisis 
coordination and crisis management. The council also has a 
research and development task group that is working with 
Treasury to determine priority for research and development 
needs of our sector. We have also been working on our Sector 
National Strategy to revise that document in response to the 
two national strategies President Bush released in February. 
This is our vehicle to really define tactical, actionable and 
measurable programming to direct and advance our sector-wide 
critical infrastructure and homeland security efforts for the 
resiliency of our sector.
    Lastly, the subject of this hearing has focused on the 
council's efforts around crisis and response management. When 
events occur with broad sector or national impact, a plan and 
adopted approach for sector-wide crisis management must exist, 
including coordination with government entities and other 
critical infrastructure sectors on which we depend. At a sector 
level the council uses a crisis communicator capability 
developed and supported by BITS that allows council members to 
convene in times of emergency. Timely communication and 
effective coordination is essential to ensure the financial 
sector maintains its resiliency and ensures public confidence. 
We have had numerous opportunities to trust our crisis 
management procedures at a local, regional, and sector level. 
If we examine the August blackout, which had larger geographic 
impact than Hurricane Isabel from a power outage perspective, 
we came through those events beautifully but also with the 
lessons learned as described before.
    As sector coordinator I was able to participate and receive 
information from numerous activities led by council 
associations, clearing corporations, and Treasury-led 
government teams. Additionally, because of the close working 
relationship developed among sector coordinators while working 
together on critical infrastructure protection initiatives, our 
sector received regular updates on restoration activities. In 
the case of the blackout, Mr. Michael Gant, sector coordinator 
for the electric power, provided regular updates and outage 
progress and really worked with us in our coordination effort. 
This level of direct communication was invaluable as efforts 
occurred to evaluate the situation and plan next steps.
    This past Thursday and Friday our council held its regular 
quarterly meeting in New York City where lessons learned were 
discussed by the council and FBIIC with the New York Office of 
Emergency Management. It was clear that the blackout allowed 
many organizations to apply crisis communication and management 
improvements post-9/11. The council members decided to work on 
identifying the various calls that now typically occur in times 
of crisis and will use the blackout experience as a case study. 
The sector-wide effort being undertaken by the council will 
seek to identify opportunities for improving sequencing of 
these calls and other options for better information flow and 
emergency communications. This effort will be coordinated with 
our public sector colleagues and other sectors upon which we 
have specific dependence.
    My two colleagues on this panel, whose leadership for our 
sector has been instrumental in the formation of the council 
and leadership within the council, will be speaking on some of 
the outstanding work their organizations have accomplished and 
specific lessons learned from both the blackout and Hurricane 
Isabel, together with recommendations.
    Ms. MacLean. In summary, Chairwoman Kelly and members of 
the committee, we believe that a strong public/private sector 
partnership is the primary reason for our success. The 
Government and the private sector's coordinating efforts during 
the recent power outage and storms demonstrated the 
preparedness work done by many organizations that have yielded 
very positive results. These efforts have helped to ensure our 
critical efforts are resilient and we are worthy of maintaining 
the public confidence.
    Thank you for your opportunity to testify.
    [The prepared statement of Rhonda MacLean can be found on 
page 57 in the appendix.]
    Chairwoman Kelly. Thank you, Ms. MacLean.
    Ms. Allen.

STATEMENT OF CATHERINE ALLEN, CEO, BITS, THE FINANCIAL SERVICES 
                           ROUNDTABLE

    Ms. Allen. Thank you, Chairwoman Kelly and Congressman 
Kanjorski and other members of the committee, for the 
opportunity to testify. I am Catherine Allen, CEO of BITS, a 
not-for-profit industry consortium of the 100 largest financial 
institutions in the U.S. BITS is the sister organization to The 
Financial Services Roundtable, and our mission is to serve the 
financial services industry where it interfaces between 
commerce, technology and financial services. We are not a 
lobbying organization.
    Our work is shared not only among our members but 
throughout the financial services sector, and you will see that 
in a minute. I experienced firsthand the outage. We were in 
Detroit at BITS meetings and experienced not having water, 
power, telephone and many of the other things, along with the 
CIOs and CTOs of a number of the financial institutions.
    Bottom line, the financial services industry and our 
customers fared well. Backup systems worked, ultimate 
communications systems were used, and there was no measurable 
impact on settlement and payments. There was excellent 
cooperation in communications among the financial services 
regulators, Treasury and the financial sectors.
    Three major reasons why I think the Nation's system fared 
so well were, first of all, preparation. As Mr. Olson said, the 
events of 9/11 and subsequent preparations by both the private 
and public sector helped us trust each other and helped us with 
our abilities to communicate, shift to backup systems and 
continue operations.
    A second thing was the early announcement that this was not 
a terrorist event, and I cannot reinforce how important that 
was. This helped to alleviate public concerns and made for 
orderly execution of business continuity processes.
    Thirdly was the diversity of communications. Again I 
personally can attest to how you use cell phones until they run 
out of juice and then you use Blackberrys and you save cell 
phones to communicate with others. Actually, throughout the 
event Assistant Secretary Wayne Abernathy and I were 
Blackberrying back and forth in preparation that BITS and the 
Roundtable held.
    There also were some critical lessons from the event. The 
power grid must and should be considered among the most vital 
critical infrastructures that needs investment to make sure it 
works. The cascading impact cannot be overstated.
    Secondly, water for cooling systems and personal hygiene is 
often controlled by electricity. People do not think about 
that, and that is what caused many organizations to close their 
offices or delay opening.
    Lastly, communications must be viewed as an integrated 
system. We must be able to use diverse communications and 
understand the vulnerabilities, address those vulnerabilities 
and make sure we have diversity and redundancy.
    Attached to our testimony is a wide variety of lessons 
learned from the outage and specific recommendations. We 
gathered these from what our members experienced during the 
outage.
    The most important lesson, however, that was learned was 
how interdependent the critical infrastructures were and also 
how fortunate we were that it was not a terrorist driven event 
or we had a cyber security event at the same time. We need to 
look strategically and holistically at the Nation's critical 
infrastructures and what can be done to enhance resiliency, 
reliability, redundancy and diversity.
    BITS has addressed a number of the interdependency issues 
and Congressman Kanjorski, you are right on about your points 
about the telecommunications industry. That has been our most 
important effort this past year, the understanding of the 
inventory and what they had and how we would know whether they 
had backup offices.
    BITS has led an effort on behalf of the financial sector in 
assessing telecommunications vulnerabilities and enhancing 
recovery. We have worked with the National Communication 
System, the NCS, of the DHS, who are helping us, and I can say 
there is unparalleled cooperation going on right now between 
the telecom and financial sectors. The results have included a 
detailed and confidential assessment of the interdependencies 
in these routes that you were mentioning in a specific 
geographic area and we are looking at how we replicate that 
through other areas.
    Best practices in telecommunications and financial 
procurement policies, pilots to model the costs of attaining 
greater diversity and redundancy, adoption by our CEOs of the 
NRIC best practices in physical and cyber security and 
obviously education in both sectors. There are many other 
things that we have done in the crisis management area.
    I will point out two areas that also relate to this, and 
that is the IT service providers. There is a press release 
accompanying this hearing that talks about the BITS framework 
for managing technology risk. We must look at our IT service 
providers and our vendors as closely as we look at ourselves 
and we have to make sure that we manage the risk--our risk 
management strategies are in place in working with them.
    Secondly is the area of software security. We have worked 
on a BITS product certification program where we test software 
products against security criteria the industry developed.
    Again a press release accompanies this hearing, talking 
about the development of a user driven coalition to address the 
issues of software development, as well as the patch management 
process. We urge the committee to consider all aspects of 
critical infrastructure, the software and operating systems, 
the service providers, the critical infrastructure industries 
and the practices of firms, industries and Government in 
addressing not only these power outages but future disasters 
and related events.
    I will end with the five key recommendations that we have 
with the committee. One is to invest in the power grid because 
of its critical and cascading impact; in fact, investment in a 
number of the critical infrastructures, such as power, 
telecommunications, and transportation, their incentives, such 
as tax credits, credits for investment, R&D investment and 
direct Government investment.
    Number two, announce early whether an event is terrorist 
related, or not. I cannot tell you how critical this was to our 
maintenance of our crisis management procedures and 
communications.
    Three, establish improved coordination committee procedures 
across the critical infrastructures, specifically with the 
Federal, State and local government.
    Number four, recognize that the financial sector is driven 
by its trusted reputation as well as regulatory requirements. 
Not all other sectors are the same way, and we need to look at 
this again holistically.
    And lastly and most importantly, recognize and review the 
dependence of all critical infrastructures on software 
operating systems and the Internet. A cyber attack of some kind 
which impacts communications, SCADA systems and first responder 
systems would put us at terrible risk. Compounding the problem 
is the lack of security software development processes and a 
current inefficient software patch process that not only cost 
us millions but put us at greater risk.
    It is an alarming issue and critical to the Nation's 
infrastructure. A clear understanding of the role of software 
operating systems and the higher duty of care, particularly 
when serving the Nation's critical infrastructures needs to be 
explored.
    Again, thank you for this opportunity, and I will look 
forward to answering questions.
    [The prepared statement of Catherine Allen can be found on 
page 42 in the appendix.]
    Chairwoman Kelly. Thank you very much.
    Mr. Kittell, please.

   STATEMENT OF DONALD D. KITTELL, EXECUTIVE VICE PRESIDENT, 
                SECURITIES INDUSTRY ASSOCIATION

    Mr. Kittell. Thank you, Chairwoman Kelly and Congressman 
Kanjorski.
    I am Donald Kittell, Executive Vice President of the 
Securities Industry Association.
    Since 9/11 the security industry has invested a great deal 
of time and resources in business continuity plans. The opening 
of the market following the blackout I think was clear proof 
that those plans were viable, at least in the event of a 
blackout occurring at about 4:30 on a Thursday afternoon. I 
would particularly highlight the support we received from New 
York City, as well as from State, Federal and regulatory bodies 
during the event.
    Early assurances that this was not a terrorist act was very 
important, and after 9/11, dealing with the blackout was a 
refreshingly easy problem. When street power was lost, there 
was essentially a seamless transition to backup power among all 
the firms and the exchanges. The Securities Industry Automation 
Corporation, or SIAC, processes for the New York Stock 
Exchange, the American Stock Exchange, the National Market 
Systems, Depository Trust, Fixed Income Clearing and other 
organizations. Those sites were protected by battery backup 
combined with backup generators, and there were no 
interruptions in processing and no loss of data.
    Similarly, SIAC's safety system, which was installed 
subsequent to 9/11 to provide alternative telecommunications 
connectivity between securities firms and the infrastructure 
exchanges, operated throughout the blackout without difficulty.
    Depository Trust activated both its remote sites and its 
remote operating locations, both of which were developed 
following 9/11, so they were actually operating their data 
center in New York from a remote operating center successfully.
    The American Stock Exchange, we talked about earlier, was 
able to activate backup generators for its building and trade 
systems but not its cooling systems because of a shutdown of 
ConEd steam power. The AmEx obtained emergency steam generation 
power later on Friday, was able to open and perform an orderly 
close at the end of the day.
    But I would like to come back to Congressman Kanjorski's 
question about the AmEx if we have time later.
    Some securities firms relocated to backup sites, others 
operated under both backup and main primary sites, but 
essentially all firms were able to operate following the 
blackout.
    SIA's command center was activated within minutes of the 
blackout and conducted conference calls throughout Thursday 
night, the following Friday, and into the weekend, and these 
calls were integrated with those of the regulators and other 
industry organizations.
    SIA has maintained a seat at the New York City Office of 
Emergency Management since the Y2K days, and that was 
invaluable; in fact, it was the OEM that arranged the backup 
steam for the AmEx, as well as arranging for delivery of fuel 
to backup generator sites.
    We believe there is value to adding other people to our 
network of calls, primarily in the telecommunications area, but 
also with data vendors and service bureaus, and we are working 
to accomplish this. I think the main thing we have learned with 
these calls is that it is not so much the preparation and 
structuring of them but just the flexibility we have of being 
able to talk to each other when an event occurs.
    There were some infrastructure issues. The two worst 
problems were loss of communications and transportation. The 
cell phone service degraded pretty rapidly once the backup 
battery power was over and some of the land line switches in 
Brooklyn and mid-town Manhattan were disabled. Instances were 
identified where fuel delivery trucks could not be reloaded 
because of, again, pumps that did not have backup power.
    Transportation systems were immobilized, and many employees 
were stranded. Actually, this was a good thing from the 
standpoint of opening the markets but not so good for the 
people involved. Ferries continued to operate but they were 
overwhelmed by the number of riders. As a result, many firms 
are reconsidering plans to keep critical employees on-site as 
well as shutting down their operations and sending people home.
    Vis-a-vis Hurricane Isabel, the New York City OEM was our 
primary source of information, and fortunately we were able to 
avoid any major challenge there, but we are very cognizant of 
the risk we run in Lower Manhattan of a hurricane. We were 
fortunate that both the blackout occurred when it did and that 
the hurricane did not impact New York in a significant way.
    The blackout occurred after trading hours in daylight, on a 
Thursday of the week. It is just about the best time we could 
order up a blackout. We would have faced very significant 
challenges if it had occurred during trading hours or if it had 
occurred early in the morning before the work force actually 
was able to get into the city.
    With respect to the hurricane, we are well-aware of the 
potential flood damage in downtown Manhattan. Again, New York 
City OEM would be our key guidance there as far as evacuation 
is concerned, so although the early reports and preparation 
were fine, I think we are very cognizant of the fact that a 
hurricane with a direct hit in New York would present much more 
serious problems than what we had with the blackout.
    Since 9/11, the industry, in partnership with Federal, 
State and city emergency management associations, regulatory 
agencies, service providers, has improved its resiliency. We 
are proud of the progress to date. We continue to address 
vulnerabilities in the future.
    Thank you, Congresswoman Kelly.
    [The prepared statement of Donald D. Kittell can be found 
on page 52 in the appendix.]
    Chairwoman Kelly. Thank you very much.
    Now, we turn to you, Mr. Schmidt.

STATEMENT OF HOWARD A. SCHMIDT, VICE PRESIDENT AND INFORMATION 
     SECURITY OFFICER, eBAY, INC., AND FORMER CHAIR OF THE 
      PRESIDENT'S CRITICAL INFRASTRUCTURE PROTECTION BOARD

    Mr. Schmidt. Thank you very much, Chairwoman Kelly, members 
of the committee. My name is Howard Schmidt. I am the Vice 
President and Chief Information Security Officer for eBay, 
where I lead a team who is responsible for the security, 
trustworthiness and availability of the services that bring so 
many global citizens together each day.
    Today I come to you more as an individual, primarily, who 
has had the privilege of working with many committed 
individuals in the private sector, law enforcement and 
government to forge a collaboration and cooperation to 
essentially safeguard the sort of resources we need through 
cyberspace and we have seen protected as a result of the 
blackout.
    I had the privilege of assisting in the formation of some 
of the first collaborative efforts in this arena and led the 
creation of the Information Technology Information Sharing and 
Analysis Center, or the IT-ISAC, and now I am serving as the 
first President. This was in the aftermath of PDD-63.
    Later I was appointed by President Bush to serve with 
Richard Clarke running the President's Critical Infrastructure 
Protection Board, in which many of the issues we are talking 
about here today were part of the key issues we were looking at 
as we put together the National Strategy to Defend Cyberspace, 
and that national strategy, I might add, was a combination of 
work done by BITS, the Financial Services ISAC, many of the 
Federal Government agencies, as well as the Congress and many 
of the private citizens across the United States.
    But I want to talk for a moment about the successes that 
the financial services community had that enabled us to 
continue business during the blackout and the recent hurricane. 
It served to deepen our appreciation of the interdependencies 
between the Internet and the critical infrastructure and those 
pieces of commerce that we depend on, as many saw the perfect 
storm of the convergence of two Internet worms that were 
occurring at the same time the blackout was taking place, but 
also, as the Congressman pointed out, between the power and 
telecommunications infrastructure. We were also reminded that 
much of the work that we did in the preparation of the cyber 
security plan also gave us the resiliency and the ability to 
protect ourselves because those same plans in a cyber attack 
were the same plans we needed to put in place to minimize the 
effect of the blackout we saw.
    One of the things that has helped reduce the impact of this 
event as well as others is the ability to share information 
across sectors and across competitor lines. It was particularly 
rewarding to see many companies, strong competitors in the 
marketplace, share information about backup strategies, share 
information about disaster recovery sites. So we can indeed 
enjoy the benefits of the services they provide us on a day-to-day 
basis.
    As a matter of fact, during the summer events for the 
blackout, we saw for the on-line industry approximately a 10 to 
15 percent reduction of activity during the power outage 
itself, but that was primarily related to the fact that many 
citizens who would use the Internet could not even log on to be 
able to conduct some of the transactions, but in doing so, one 
of the resources we turned to was the financial impact report 
by various industries, and looking at this, it cited in the 
report the credit card and sales authorizations, which is one 
of the main focuses we looked at with eBay, for online sales 
would lose $2.6 million an hour if they were unable to conduct 
their transactions, and even home shopping was estimated to 
have losses of $113,000 per hour if the system was not 
available.
    There is much we can do to prepare for these sort of 
events, and once again I cite the interrelationship between 
cyber attacks on our infrastructure or the critical events we 
have seen this summer.
    In this case, the Internet connects about 170 million 
computers and an estimated 680 million users. There is an 
estimated growth rate going to 904 million by the end of 2004, 
and you can see eBay is a prime example of how deeply ingrained 
the Internet is to American life and the dependency we have on 
the power of the telecommunications systems to bring these 
buyers and sellers together.
    More fundamentally, and I think this is pretty important to 
understand this, by our location in the backup strategies and 
the redundancy that we have in the overall infrastructure 
system, the stores stayed open during the crisis times where 
physical stores were incapable of opening at that point.
    I want to also point out that some of the emerging 
solutions we have are some of the issues around the United 
States Computer Emergency Response Team, which has just now 
been appointed up in Carnegie Mellon University by the 
Department of Homeland Security.
    By bringing the sector coordinators such as Rhonda MacLean, 
the Information Sharing Analysis Centers, by participation of 
many of those folks and the work done in PDD-63 with the 
Department of Treasury, Department of Homeland Security, we can 
then continue to move forward and make sure that those 
disruptions we have seen indeed have minimal impact on our 
ability to transact business online and particularly in the 
financial sector.
    In closing, I just want to comment on the fact that one of 
the, I think, keystone milestones that we are seeing coming 
forth is in the first part of December the Department of 
Homeland Security, in conjunction with many of the folks that 
you have heard from my colleagues here today are putting on a 
National Cyber Security Summit out on the West Coast, and this 
summit will be cohosted by private sector organizations, the 
Department of Homeland Security, Department of Treasury, and we 
intend to as a result of that put together a task force which 
will continue to evolve in a position where the power 
blackouts, the effects of the hurricane will have less of an 
effect on the infrastructure we depend on, both 
telecommunications and the power blackout, and we will continue 
to work on these plans going forward and working with your 
committee to make sure that we serve the American public as 
well as the private sector interests of the country, with which 
we are both very much in tune.
    Chairwoman Kelly, this concludes my remarks and I welcome 
any questions that you have.
    [The prepared statement of Howard A. Schmidt can be found 
on page 76 in the appendix.]
    Chairwoman Kelly. Thank you very much, Mr. Schmidt.
    Can you tell us the date of that?
    You just said that you are going to have the Cyber Security 
Summit, but you didn't, I believe, mention the date. Even if 
you did, let's emphasize it.
    Mr. Schmidt. I did not. It is in my written testimony. It 
is December 3rd, and the venue is still being worked on by DHS, 
and I understand Secretary Ridge is also having a personal hand 
in putting this very, very valuable summit together.
    Chairwoman Kelly. Yes, I am sure it will be valuable.
    We have been talking about a number of problems with IT 
software, as well as the hardware, and I am hopeful that both 
of those will be addressed at that summit?
    Mr. Schmidt. Yes. As a matter of fact, they are. There are 
two specific task forces looking at quality control and 
engineering, and taking the efforts that many of the software 
companies and hardware companies have really turned their 
business models around to focus on security and availability; 
as a matter of fact, to the displacement of some of the feature 
issues that we are going to have a complete task force work 
with those issues to make sure that that gets accelerated.
    Chairwoman Kelly. Given your White House background, I 
would like to know how the financial sector would have handled 
the power outage in August differently had it been the result 
of a terrorist attack or if it had been a particular terrorist 
attack on a cyber section.
    Mr. Schmidt. I think that is one of the interesting points, 
as I tried to point out during my testimony, that many of the 
resources and many of the programs that we put in place 
relative to the aftermath of September 11 and actually going 
back even to PDD-63 were the same things we needed to do for 
disaster recovery of business continuity, so therefore had we 
not had the focus we had over the past 5 years I think it would 
have been a different story. So whether it is a terrorist 
attack, a cyber attack, I think the steps the financial sector 
took in preparation of this are the right steps and they 
continue to move in the direction to even make this more 
valuable.
    Chairwoman Kelly. Thank you.
    I would like to ask Ms. MacLean, what was, for your group 
and for you possibly and your sector, what was the biggest 
surprise that you found during the blackout, a problem or 
something that worked that you didn't think was going to work?
    Ms. MacLean. I think the biggest--well, it was no surprise 
that it worked, and that only came because of the amount of 
testing and focus this particular area, business continuity and 
resiliency, has on our sector in general.
    I think the biggest surprise for me was in actually setting 
on some of the telecoms the issue of dealing with some of the 
personal inconveniences for people, such as the sanitation 
systems being dependent on the electric power, and I know in 
our case and some of the New York buildings being on a very 
tall floor was a very inconvenient process, and so making sure 
that we had good sanitary conditions, together with getting 
food in to people who had stayed through the night and through 
the days following the blackout, to make sure everything was 
operational I think was the key thing that--and also making 
sure we had enough flashlights, because that is another area 
where you may have backup resiliency but you really do not have 
enough to power lighting, and so you need to have other kinds 
of capabilities there on hand.
    So it is the people issue again that I think continues to 
have additional focus in many of our institutions.
    Chairwoman Kelly. What do you think should be done with 
regard to battery backup? I understand that there were places 
that had battery backup but then after a while the battery 
simply expired.
    Ms. MacLean. Well, for the systems to maintain 
operational--I mean, that runs on large generators, that 
provided adequate backup. I think the smaller battery backup 
just for a small area I think is where it gets a little bit 
more complicated and I think we need to look at what are some 
of the alternatives. Again, I think it is more of a people 
issue rather than it is the system. The systems are going to be 
run through the large generators, which seemed to have 
adequacy.
    Chairwoman Kelly. I am interested in the mix that we have 
been talking about, this interrelationship, and you pointed out 
sanitary systems on the upper floors weren't exactly working, 
and Mr. Kanjorski brought up the fact that there were some 
problems that possibly could have been some problems with 
regard to drinking water.
    Your sector--or any of you, let me address this to all of 
you: Are you planning to try to work with the third parties 
that control these systems to try to put something in place 
fairly soon or do you feel that is just the way it is going to 
be?
    Ms. MacLean. Well, let me take a cut at that answer. I 
think the sector coordinators, there is a sector coordinator 
for water and power, for emergency, I mentioned Mr. Michael 
Gant. There is also a telecommunications sector coordinator, 
and we do meet on a regular basis and this is the focus of a 
lot of our talk in discussions and looking at what are the 
initiatives we need to have cross-sector to make sure that we 
are working together.
    The interdependencies is what is at--is the main point that 
we need to get at, and I understand those intersections of 
interdependencies, and make sure we have adequate plans in 
place to address those things.
    Mr. Kittell. Our best work there is with the New York City 
Office of Emergency Management, where we get more results with 
the OEM talking to the water companies than we do talking with 
the water companies directly. Same thing with telecom in an 
event like this. So that problem is identified on our list of 
things that we are chasing down.
    Chairwoman Kelly. That is good to hear. I suspect we in the 
New York area have had--obviously, we have had a little more 
experience in some other areas in dealing with this, but I just 
still do not think we have it put together. I think it is very 
important that these integrations of systems be worked on and 
be made to work.
    I have other questions. I will submit some of them in 
writing, but in the interest of time I am going to go to Mr. 
Kanjorski.
    Mr. Kanjorski. I thank Ms. Kelly.
    Ms. MacLean and Mr. Kittell, one of the most important 
aspects of disaster recovery planning for very large financial 
entities and for clearinghouses concerns the maintenance of a 
synchronized realtime redundancy.
    As I understand, to address this issue many firms currently 
rely on annual descriptions to the disaster recovery systems, 
be it known as SunGard and IBM Global Services, but when a 
disaster strikes at these first, first in line in receiving 
assistance, they may not be first to receive help.
    What will happen to our markets if all of the disaster 
space is taken? What could financial firms do to prepare for 
such contingencies?
    Mr. Kittell. Well, I think we had that situation with 9/11, 
Congressman. The backup sites at the companies you mentioned 
were swamped with all of the firms that were affected by 9/11 
and they did, I would say, a very good job of not only using 
their preplanned space but also giving up their own offices and 
data centers for use by the firms that needed it.
    There was also a tremendous--as you know, there was a 
tremendous voluntary effort on the part of other firms in the 
industry, offering desk space and data center space, and so on, 
in a cooperative way across the industry, so I think we have 
already had that event. I think as a result of the event the 
capacity in those backup organizations has been increased, and, 
you know, depending on the nature of the event to come, we are 
certainly in much better shape than we were pre-9/11. Whether 
we could defend against some of the scenarios that people talk 
about is obviously an open question.
    Mr. Kanjorski. Do you want to respond along that line?
    Ms. MacLean. Well, I think Don Kittell has really done a 
good job of articulating. The 9/11 really did--at the end of 
the day, we did work very, very well, even though we did reach 
capacity. As a result, though, also, you mentioned the 
interagency white paper that has been published. Institutions 
are required to look at those recommendations in that white 
paper and are in the process of implementing and assessing 
their programs against that, the recommendations made in the 
interagency white paper.
    As we go forward, the focus is really to continuously 
improve and assess your capabilities and ensure that you can 
meet those 2 and 4-hour guidelines, and I think that is where 
the real question comes in, is the innovativeness and the 
different capabilities that we can bring to bear to meet those 
time lines, and that is where the focus is today.
    Ms. Allen. Yes, I might just address that, too, because we 
have done work in the outsourcer area, we have viewed them as 
third parties, and that is part of what this framework that we 
developed for the industry was, to look at present best 
practices that financial institutions need to require of their 
third-party providers.
    We actually are having a meeting on this, a conference on 
this, on outsourcing, on November 6 and 7, and, again, it 
focused on preparedness, on the requirements, so that 
outsourcers meet the same level of standards that we require 
internally and to look at where the gaps are, so that we make 
sure that we have enough capacity in the outsourcing industry 
to handle it if we have a major disaster.
    Mr. Kanjorski. Does that create some unfair competition, if 
some companies respond by doing the job in accordance with the 
white paper and others decide to take the chance not to do it? 
If a disaster doesn't occur, the latter group gets a 
competitive advantage. Of course, if the disaster does occur, 
the former group gets a competitive advantage. And if someone 
looked at whether or not there was a need for compulsion as 
opposed to voluntarism?
    Ms. Allen. That is my point. The point about the financial 
institutions were all regulated. We all have certain levels of 
regulation or compliance that we must meet, but we oftentimes 
compete with nonfinancial institutions who do not have to meet 
the same regulatory oversight or liability or business 
compliance requirements that we do, and it is one of our 
reasons we focus on outsourcers, to make them meet the same 
requirements, but they aren't really regulated. It is only at 
our request or our demands that they meet that.
    Other critical infrastructure facilities that we rely on, 
we totally rely on in some cases, do not have the same 
regulatory oversight or do not have the same kind of 
requirements that we do. So that makes it difficult. The 
interagency white paper is a good example of requiring us to 
come back up in a certain time period. We can do what we can 
internal to our walls, but when we are dependent upon the 
telecommunications or the power industry, we cannot always be 
sure that they will be there.
    Mr. Kittell. I would comment on that. I do not think firms 
look at this as a competitive issue the degree to which they 
build resilient facilities.
    The issue that is debated is what events do you defend 
against and which ones have a high enough probability that will 
result in the investment paying off, and that is the debate 
that takes place between firms individually and with the 
regulators, whether it is the Fed or the SEC or the Treasury.
    What events have I agreed to defend against and how have I 
defended against them, and there are some scenarios that some 
firms freely admit they are not pretending to defend against, 
but I think that is the primary debate. What do you defend 
against and what do you not? It is not a question of 
competitiveness, one way or the other.
    Mr. Kanjorski. Thank you very much, Ms. Kelly.
    Chairwoman Kelly. Thank you.
    Ms. Allen, I would like to go back and ask you a question 
about the outsourcing problem that you raised.
    We talk about cost/benefit, and my next question is going 
to be to this panel on cost about all of this, but one of the 
reasons we see an increase in outsourcing in a number of areas 
is it does cost less.
    From what you now know, do you believe that there is a 
Federal regulatory position that we should be thinking about 
taking, with regard to people who do affect our financial 
structures who are in an outsourced position and perhaps not on 
the shores of the United States of America?
    Ms. Allen. I would have to come back with an answer on 
whether you should take a regulatory perspective. I will say 
that that is a target. The idea of having industry marks and 
best practices and requirements of outsourcers, whether they are 
inside our territory or whether they are in India, China, or 
other places, our financial institutions are requiring the same 
level of standards of those two types of outsourcing entities, 
and I think that it is important that a number of the 
regulators will go into major outsourcers, providers that 
provide the majority of services to the financial institutions 
and actually will examine them. It is on a limited basis, but 
it also is helpful in making sure those outsourcers know they 
are going to be looked at in terms of their capabilities.
    I would have to come back to you on the regulatory part of 
it.
    Chairwoman Kelly. When you said that you require the same 
level of standards, we have been talking about the fact that we 
here in the United States, while we do have a lot of standards, 
some of our standards were deeply affected by the availability 
of power, water, and so forth.
    Are those levels required of outsourced?
    Ms. Allen. Again, we are asking in the framework, and we 
also are ready to launch a major, what I call, security 
assessment, it is a matrix. It is standardized, whether it is a 
financial institution or a consultant or auditing firm goes in 
and looks at an outsourcer, it is the same questions, again 
whether they are located in the U.S. or outside the U.S., their 
dependency on power, on telecommunications, having backup 
systems, making sure they can get people to their sites. So we 
are viewing them just the same as having our own backup system 
50 miles away or 200 miles away. If it is 2,000 or 20 miles 
away, it is the same way looking at that outsource capability.
    Chairwoman Kelly. Thank you very much.
    I want to go back and ask you all the same question: Has 
there been a study, do you have any idea what the cost is, with 
regard to planning, putting in place the things that we need to 
make sure that the systems, the financial systems in America 
stay up and running despite any kind of a disaster?
    All of the disaster planning we have done has cost money. 
Your conferences cost money, and this money is currently coming 
from the private sector, so we in the Government really, I do 
not think, have a handle on it.
    Do any of you have a handle on it and can you tell us what 
the costs look like, and I am going to start with you, Ms. 
MacLean.
    Ms. MacLean. Well, there has been a number of different 
studies that you can--the Gardiner Group I know has done some 
marking between different institutions where you can get some 
comparison data about what the investment is with large 
organizations or medium organizations who are looking at their 
business continuity and business preparedness. So there is some 
independent individual studies for the purpose of marking.
    I am not aware, maybe some of my colleagues here are aware, 
of an overall study that quotes would be a good source of 
something, but that is something we surely could look into and 
make available to you and to your staff.
    Chairwoman Kelly. I am just wondering about the insurance 
industry. For instance, they said that the cost of the blackout 
could be estimated in several billion dollars from what I 
understand.
    I want to know if there has been any objective look at the 
losses in that sector alone, let alone all the things we have 
put together. So perhaps we could take a look at that.
    Ms. Allen, would you like to respond to that?
    Ms. Allen. There are isolated studies, again the Gardiner 
study, we ourselves are dimensioning the costs to our industry 
of patch management, what it costs to go back in for the 
Slammer, for the SoBig to fix that, so we have a handle on how 
big this issue is.
    We could come back to you, and I will give you some 
isolated studies that I have seen on the cost of business 
continuity, cost of requirements to be able to have the kind of 
physical security you need.
    We are working with the telecommunications industry right 
now to dimension the cost to provide the level of diversity and 
redundancy that they now provide to the FAA and if we were to 
provide that to financial institutions. There aren't numbers on 
that yet, but we will be happy to share that once we know it.
    Chairwoman Kelly. Mr. Kittell?
    Mr. Kittell. Yes.
    The SIA did a cost study of the Y2K conversion at something 
in the neighborhood of $5 billion over 3 years. We did a 
similar kind of study for the conversion of decimals, which was 
about two billion over 2 years, or so.
    We also did a cost estimate of moving from T3 settlement to 
T1 settlement, of about $8 billion over about a 4 or 5-year 
period.
    These numbers are very gross. They will take into account 
IT and other budgets that are addressing lots of other things 
besides the specific projects that we talked about, because 
they get into fundamental infrastructure capacity.
    It is very hard to isolate one number from another. We have 
not done a number on business continuity planning over the last 
2 or 3 years, but depending on who is calculating and what 
objective they are trying to reach, I would say you would see 
numbers comparable to maybe the decimal conversion or Y2K.
    Chairwoman Kelly. Thank you.
    Mr. Schmidt.
    Mr. Schmidt. Yeah, I do not know of a comprehensive study, 
but some of the university relationships I have had, I am going 
to go back and ask them to start working on one and ask them to 
prepare for that. But this Eagle Rock Alliance out of New 
Jersey has done an hourly breakdown on what the losses might 
be, and I found that particularly interesting on some of the 
data points they have got, but the whole issue of the 
availability, part of the service level agreements that many of 
us are now doing--and I believe Catherine mentioned it--with 
our outsourcing partners, that basically we are not only having 
that as part of the contractual agreement but we are also 
engaging with other companies to do an audit to make sure they 
can deliver on that. So it is having a cascading effect on some 
of the smaller partners out there, which then gives us a better 
availability later on to say yes, we can deliver within that 2 
to 4-hour time frame.
    Chairwoman Kelly. Thank you. Would this panel have any 
final recommendations for this committee with regard to the 
issue we are addressing today?
    Ms. Allen. I would just like to commend Congress for 
passing the Defense Production Act with the definition of 
critical infrastructure industries included in that. I think 
that was a great step forward for us in prioritization of 
services.
    Mr. Kittell. I would say it is appropriate from our point 
of view from a legislative and a regulatory point of view to 
ask firms to address the risks that they identify, for example, 
in the outsourcing question earlier, that it is reasonable to 
take some sort of regulatory action vis-a-vis have you 
considered the complications of outsourcing and what have you 
done with it, as opposed to trying to write--which I think 
would be very difficult--write some sort of regulatory scheme 
around standards or principles or the way things need to be 
done, because each firm really has unique resources to play 
with, unique solutions to defend against these issues.
    Chairwoman Kelly. My inclination is to agree with you. 
Before I came to Congress I noticed that every time Congress 
wrote a law it seemed to sort of foul things up a little bit. 
So maybe we can stay out of that and the industry can deal with 
it. Certainly it seems as though you have been dealing with it 
very well.
    Mr. Schmidt, our final comment here.
    Mr. Schmidt. Yes, thank you.
    My recommendation would be for the committee to do as it 
has been doing, maintain the dialogue with those of us in the 
private sector that are the owners and operators of this, and I 
thank you for your leadership and the Congressman for his 
leadership in making sure that we, indeed, keep it to where the 
private sector can effect the changes without imposing 
regulations that probably do not work.
    Chairwoman Kelly. Good, thank you.
    This committee thanks all of you for staying here for such 
a long period of time. I appreciate it very much, and the Chair 
notes that some members may have additional questions for the 
panel. They may wish to submit them in writing. So without 
objection, the hearing record will remain open for 30 days for 
members to submit the written questions to these witnesses and 
place their responses in the record.
    This second panel is excused, with our great thanks and 
appreciation for your time.
    I want to briefly thank all the members and the staff for 
the assistance that they have given us in making this hearing 
possible.
    This hearing is adjourned.
    [Whereupon, at 3:52 p.m., the subcommittee was adjourned.]


                            A P P E N D I X



                            October 20, 2003
[GRAPHIC] [TIFF OMITTED] T2642.001 through T2642.066