b"<html>\n<title> - GOVERNMENT AND INDUSTRY EFFORTS TO PROTECT OUR MONEY DURING BLACKOUTS, HURRICANES, AND OTHER DISASTERS</title>\n<body><pre>[House Hearing, 108 Congress]\n[From the U.S. Government Printing Office]\n\n\n\n\n\n                   GOVERNMENT AND INDUSTRY EFFORTS\n                      TO PROTECT OUR MONEY DURING\n                       BLACKOUTS, HURRICANES, AND\n                            OTHER DISASTERS\n\n=======================================================================\n\n                                HEARING\n\n                               BEFORE THE\n\n                            SUBCOMMITTEE ON\n                      OVERSIGHT AND INVESTIGATIONS\n\n                                 OF THE\n\n                    COMMITTEE ON FINANCIAL SERVICES\n\n                     U.S. HOUSE OF REPRESENTATIVES\n\n                      ONE HUNDRED EIGHTH CONGRESS\n\n                             FIRST SESSION\n\n                               __________\n\n                            OCTOBER 20, 2003\n\n                               __________\n\n       Printed for the use of the Committee on Financial Services\n\n                           Serial No. 108-58\n\n\n92-642              U.S. GOVERNMENT PRINTING OFFICE\n                            WASHINGTON : 2003\n____________________________________________________________________________\nFor Sale by the Superintendent of Documents, U.S. Government Printing Office\nInternet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512-1800  \nFax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001\n\n                 HOUSE COMMITTEE ON FINANCIAL SERVICES\n\n                    MICHAEL G. OXLEY, Ohio, Chairman\n\nJAMES A. LEACH, Iowa                 BARNEY FRANK, Massachusetts\nDOUG BEREUTER, Nebraska              PAUL E. KANJORSKI, Pennsylvania\nRICHARD H. 
BAKER, Louisiana          MAXINE WATERS, California\nSPENCER BACHUS, Alabama              CAROLYN B. MALONEY, New York\nMICHAEL N. CASTLE, Delaware          LUIS V. GUTIERREZ, Illinois\nPETER T. KING, New York              NYDIA M. VELAZQUEZ, New York\nEDWARD R. ROYCE, California          MELVIN L. WATT, North Carolina\nFRANK D. LUCAS, Oklahoma             GARY L. ACKERMAN, New York\nROBERT W. NEY, Ohio                  DARLENE HOOLEY, Oregon\nSUE W. KELLY, New York, Vice Chair   JULIA CARSON, Indiana\nRON PAUL, Texas                      BRAD SHERMAN, California\nPAUL E. GILLMOR, Ohio                GREGORY W. MEEKS, New York\nJIM RYUN, Kansas                     BARBARA LEE, California\nSTEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington\nDONALD A. MANZULLO, Illinois         DENNIS MOORE, Kansas\nWALTER B. JONES, Jr., North          CHARLES A. GONZALEZ, Texas\n    Carolina                         MICHAEL E. CAPUANO, Massachusetts\nDOUG OSE, California                 HAROLD E. FORD, Jr., Tennessee\nJUDY BIGGERT, Illinois               RUBEN HINOJOSA, Texas\nMARK GREEN, Wisconsin                KEN LUCAS, Kentucky\nPATRICK J. TOOMEY, Pennsylvania      JOSEPH CROWLEY, New York\nCHRISTOPHER SHAYS, Connecticut       WM. LACY CLAY, Missouri\nJOHN B. SHADEGG, Arizona             STEVE ISRAEL, New York\nVITO FOSSELLA, New York              MIKE ROSS, Arkansas\nGARY G. MILLER, California           CAROLYN McCARTHY, New York\nMELISSA A. HART, Pennsylvania        JOE BACA, California\nSHELLEY MOORE CAPITO, West Virginia  JIM MATHESON, Utah\nPATRICK J. TIBERI, Ohio              STEPHEN F. LYNCH, Massachusetts\nMARK R. KENNEDY, Minnesota           ARTUR DAVIS, Alabama\nTOM FEENEY, Florida                  RAHM EMANUEL, Illinois\nJEB HENSARLING, Texas                BRAD MILLER, North Carolina\nSCOTT GARRETT, New Jersey            DAVID SCOTT, Georgia\nTIM MURPHY, Pennsylvania              \nGINNY BROWN-WAITE, Florida           BERNARD SANDERS, Vermont\nJ. 
GRESHAM BARRETT, South Carolina\nKATHERINE HARRIS, Florida\nRICK RENZI, Arizona\n\n                 Robert U. Foster, III, Staff Director\n\n              Subcommittee on Oversight and Investigations\n\n                     SUE W. KELLY, New York, Chair\n\nRON PAUL, Texas, Vice Chairman       LUIS V. GUTIERREZ, Illinois\nSTEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington\nMARK GREEN, Wisconsin                DENNIS MOORE, Kansas\nJOHN B. SHADEGG, Arizona             JOSEPH CROWLEY, New York\nVITO FOSSELLA, New York              CAROLYN B. MALONEY, New York\nJEB HENSARLING, Texas                CHARLES A. GONZALEZ, Texas\nSCOTT GARRETT, New Jersey            JIM MATHESON, Utah\nTIM MURPHY, Pennsylvania             STEPHEN F. LYNCH, Massachusetts\nGINNY BROWN-WAITE, Florida           ARTUR DAVIS, Alabama\nJ. GRESHAM BARRETT, South Carolina\n\n\n                            C O N T E N T S\n\n                              ----------                              \n                                                                   Page\nHearing held on:\n    October 20, 2003.............................................     1\nAppendix:\n    October 20, 2003.............................................    33\n\n                               WITNESSES\n                        Monday, October 20, 2003\n\nAbernathy, Hon. Wayne A., Assistant Secretary for Financial \n  Institutions, Department of the Treasury.......................     3\nAllen, Catherine, CEO, BITS, The Financial Services Roundtable...    18\nKittell, Donald D., Executive Vice President, Securities Industry \n  Association....................................................    20\nMacLean, Rhonda, Private Sector Coordinator, Financial Services \n  Critical Infrastructure Protection and Homeland Security, & \n  Director, Corporate Information Security, Bank of America......    15\nOlson, Hon. 
Mark W., Member, Board of Governors, Federal Reserve \n  System.........................................................     5\nSchmidt, Howard A., Vice President and Information Security \n  Officer, eBay, Inc., and former Chair of the President's \n  Critical Infrastructure Protection Board.......................    22\n\n                                APPENDIX\n\nPrepared statements:\n    Kelly, Hon. Sue W............................................    34\n    Abernathy, Hon. Wayne A......................................    35\n    Allen, Catherine.............................................    42\n    Kittell, Donald D............................................    52\n    MacLean, Rhonda..............................................    57\n    Olson, Hon. Mark W...........................................    65\n    Schmidt, Howard A............................................    76\n\n              Additional Material Submitted for the Record\n\nOlson, Hon. Mark:\n    Federal Reserve System letter, October 22, 2003..............    84\nNew York State Banking Superintendent Diana L. Taylor, prepared \n  statement......................................................    86\nU.S. Securities and Exchange Commission, prepared statement......    92\n\n \n                    GOVERNMENT AND INDUSTRY EFFORTS\n                      TO PROTECT OUR MONEY DURING\n                       BLACKOUTS, HURRICANES, AND\n                            OTHER DISASTERS\n\n                              ----------                              \n\n\n                        Monday, October 20, 2003\n\n             U.S. House of Representatives,\n      Subcommittee on Oversight and Investigations,\n                           Committee on Financial Services,\n                                                   Washington, D.C.\n    The subcommittee met, pursuant to call, at 2 p.m., in Room \n2128, Rayburn House Office Building, Hon. Sue W. 
Kelly \n[chairwoman of the subcommittee] presiding.\n    Present: Representative Kelly.\n    Also Present: Representative Kanjorski.\n    Chairwoman Kelly. This hearing of the Subcommittee on \nOversight and Investigations will come to order. This afternoon \nwe are going to have a hearing on the government and industry \nefforts to protect our money during blackouts, hurricanes and \nother disasters. The blackout which began on Thursday \nafternoon, August 14, left millions of Americans in the dark in \nmany ways. Many were stranded at work, wondering how to get \nhome. I know many of my own constituents who work in New York \nCity couldn't get home that night, and there were others that \nwere stranded at airports and in other transportation systems \nwondering when to give up, try to find alternatives and try to \nget home through all the dark corridors.\n    In the end, major cities from New York City to Detroit were \nwithout centrally generated power. Airports, water and sewerage \nplants and 9/11 emergency systems were shut down. The \ncommunications systems pretty much failed. It is now even \nclearer that the technology age that we live in, which allows \nus to provide services and access information in a heartbeat, \nhas increased our reliance on power.\n    It is imperative now that we review efforts to protect our \nsystems and the infrastructure that is ever more entwined and \ndependent on one another. At the heart of critical \ninfrastructure is the safety and soundness of the financial \nservices sector. Fortunately through all of this, it appears \nthat the financial services sector did not suffer any serious \nnegative impacts, but we need to use the recent blackout as a \ntest to assess the security and dependability of our financial \nsystems. 
Without a doubt, there are lessons to be learned and \nimprovements to be made.\n    Today we welcome Wayne Abernathy, the Assistant Secretary \nfor Financial Institutions at the Treasury Department, who will \nrelease a special report. If you are looking for it, this is \nwhat it looks like. He is going to release a special report on \nthe impacts of the blackout that will be crucial as to how to \nhandle disasters in the future. Assistant Secretary Abernathy \nworked around the clock with many of our other witnesses who \nwill be here today to implement backup plans during the \nblackout.\n    Joining Assistant Secretary Abernathy on our first panel is \nFederal Reserve Board Governor Mark Olson, who is also very \ninstrumental in these efforts.\n    Keeping our financial systems functioning and safe requires \na high degree of coordination between many different and \nimportant parties, both public and private. The private sector \nwitnesses on our second panel are leaders in protecting \ncritical financial assets from major disasters. These \nwitnesses, along with others in the private sector and \ngovernment who couldn't be represented here today, worked to \nensure that our money supply and funds flow would not be \njeopardized. The Depository Trust and Clearing Corporation, the \nNew York Stock Exchange, Nasdaq, and associations such as the \nBond Market Association played key roles to keep the markets \nworking during the blackout.\n    Many other agencies were also involved in addition to the \nTreasury Department and the Federal Reserve System, including \nthe SEC. As the regulator of the Nation's largest financial \ninstitutions, the supervisor of the New York State Banking \nDepartment, my good friend Diana Taylor, also played a key \nrole. We thank the SEC and Ms. 
Taylor for their written \nstatements which, without objection, we will submit into the \nrecord.\n    [The prepared statement of the Securities and Exchange \nCommission can be found on page 92 in the appendix.]\n    [The prepared statement of Diana L. Taylor can be found on \npage 86 in the appendix.]\n    Chairwoman Kelly. We really appreciate their statements. We \nlook forward to hearing accounts of how our witnesses managed \nduring the blackout and how emergency plans for protecting \ncritical infrastructure, the ones that have been in place \nbefore September 11, how they worked. There is no better \nindicator of success of those plans than the fact that there \nwas apparently no financial panic either during or after the \nblackout.\n    We also want to hear how prepared everyone was for a major \nhurricane and whether they understand what these plans are and \nwhether or not Hurricane Isabel had any serious consequences.\n    I thank the witnesses for appearing here today and look \nforward to your testimony. Together, I hope we can ensure that \nour financial systems continue to function smoothly under all \ncircumstances and the American people will continue to have \nconfidence in the financial services sector.\n    The Chair notes that there will be members coming from the \nfull committee and there will be members coming from this \nsubcommittee. So, without objection, all members who have \nstatements, questions to ask of the panels, and we ask the \nanswers to those questions be included in the record. So, \nwithout objection, so ordered.\n    With that, I will introduce our first panel. We welcome \nHonorable Wayne Abernathy, Assistant Secretary for Financial \nInstitutions at the Treasury Department, and the Honorable Mark \nOlson, member of the Board of Governors of the Federal Reserve \nSystem. 
The SEC was unable to appear today due to scheduling \nconflicts, so we invited the Commission to submit the statement \nwhich I have submitted for the record.\n    Additionally, I invited Ms. Diana Taylor, supervisor of the \nNew York State Banking Department, to submit a statement as \nwell about her activities in this area. So, with unanimous \nconsent, we have entered their statements in the record.\n    We thank you, Mr. Abernathy and Mr. Olson, both for \ntestifying before us and we welcome you on behalf of the \ncommittee. So, without objection, your written statements and \nany attachments will be made part of the record. And, without \nobjection, we are going to continue this hearing. I would hope \nthat you will give me a 5-minute summary of your testimony, \nbecause your testimony will--your full testimony will be in the \nrecord.\n    You will now be recognized for that 5-minute testimony. \nWhen the light changes color, you probably know, you have--when \nit goes from green to amber, you have 1 minute to pull your \nthoughts together and give us a summary. When it goes red, the \n5 minutes is over.\n    Chairwoman Kelly. And we will begin with you, Mr. \nAbernathy. It is very--I am very pleased to have you here with \nus today. Go to your testimony now, please.\n    [The prepared statement of Hon. Sue W. Kelly can be found \non page 34 in the appendix.]\n\n STATEMENT OF HON. WAYNE A. ABERNATHY, ASSISTANT SECRETARY FOR \n       FINANCIAL INSTITUTIONS, DEPARTMENT OF THE TREASURY\n\n    Mr. Abernathy. Thank you, Chairwoman Kelly, and members of \nthe subcommittee. It is a pleasure to be here today. I am today \nrepresenting not only the Department of the Treasury, but also \nthe Financial and Banking Information Infrastructure Committee, \nor FBIIC. 
The FBIIC is charged with improving coordination and \ncommunication among financial regulators, enhancing the \nresilience of the financial sector and promoting communication \nand coordination with the private sector entities that make up \nand operate within our financial services sector. I represent \nthe Department of the Treasury in chairing that committee.\n    Following recent events, the FBIIC conducted a review and \ncompiled a written report that you kindly mentioned in your \nstatement, The Impact on the Recent Power Blackout and \nHurricane Isabel on the Financial Sector, which the FBIIC is \nreleasing to the public today, and I submitted a copy of the \nreport together with my statement.\n    Both in preparation for potential disruptions and in \nresponding to actual threats, we are guided by four principles \nin order of importance:\n    First, and most important, we must remember in all that we \ndo to protect our financial infrastructure, that it is always \nabout people. It is the people that make our financial \ninstitutions work, people that design the systems, people that \nmake them successful, people that innovate to keep them fresh \nand dynamic, and it is people whom they are designed to serve; \npeople who rely upon financial services for so many aspects of \ntheir daily lives.\n    Second, because it is about people, it is about confidence. \nOur financial institutions operate on confidence, but they also \npromote confidence. In fact, confidence is what our financial \ninstitutions must provide; confidence that financial \ntransactions will be carried out, that checks will clear, that \nbills will be paid, that investments will be made, that \ninsurance promises will be kept. The confidence provided by \nfinancial institutions plays a big part in helping to cope with \nthe trauma of disaster.\n    Third, essential to that confidence is open markets. 
\nFinancial institutions should be open for business, allowing \nAmericans everywhere to engage in their business even during, \nor especially during, times of stress. It is important for \nfinancial institutions and markets to continue to operate as \nclose to business as usual as possible.\n    The fourth guiding principle is that we want to promote \nlocal decision making and problem solving both as we prepare \nfor disruptions and as we weather them. The experts that are on \nthe ground and in the field are in the best position to \ndetermine what steps should be taken to protect employees and \ncustomers. We will help where we can, where we need to, but we \nintend to leave the responsibility with the financial \ninstitutions and the regulators that are closest to the \nproblems to find the solutions. Initiative and ingenuity are \nthe most powerful tools to deal with any disruption, and we \nmust give full room for their exercise.\n    Impact of the power outage of August 14, 15, 2003. The U.S. \nFinancial system handled the outage well. The bond market and \nmajor equities and futures markets were able to open the next \nday for business at their usual trading hours. Neither the \nDepartment of the Treasury nor any of our companion financial \nregulators received reports of lost data, significant failed \ntransactions or other similar problems. Although there were \nisolated reports of telecommunications difficulties, the \nproblems were minor and the participants resolved these \nproblems during the day. Banks and credit unions also performed \nwell.\n    Although the impact of Hurricane Isabel was less \nsignificant in degree, it was quite similar in kind to the \nimpact of the power outage. Both resulted in widespread \ndisruptions of electric power and the businesses that depend on \nit. However, the storm did not adversely affect the financial \nmarkets.\n    There are several reasons why the U.S. Financial system \nfared so well. 
First and foremost, the men and women who work \nin the financial system did an extraordinary job. During the \noutage many stayed at their posts to ensure that their systems \npreserved and processed data from trading on Thursday and that \ntheir systems would be prepared to resume trading the next day, \non Friday. Almost immediately after the power went out on \nThursday, financial institutions began asking themselves not \nwhether they would open for business the next day, but how they \ncould best serve their customers' needs. This commitment to \nserve customers even in times of adversity is important. I wish \nto note that financial institutions decided on their own that \nthey would open for business the next day. They did not wait \nfor guidance from Washington.\n    There are many other things that we learned in terms of \nproblems that we need to resolve. Perhaps the most important is \nthe way in which our financial services sector depends on \nseveral others. For that reason, I would say even though the \nU.S. Financial system is more resilient today than it was a \nyear ago, the men and women who work in the system help make it \nso and they are the ones continuing to work on the problem \ntoday.\n    Our job is not finished. It is a big job. To paraphrase \nWinston Churchill, we are not at the end or even at the \nbeginning of the end, but we might be nearing the end of the \nbeginning. Americans and the world can rely with increasing \nconfidence on the U.S. Financial system. Thank you.\n    Chairwoman Kelly. Thank you very much, Mr. Abernathy.\n    [The prepared statement of Hon. Wayne A. Abernathy can be \nfound on page 35 in the appendix.]\n    Chairwoman Kelly. Mr. Olson.\n\n  STATEMENT OF HON. MARK W. OLSON, GOVERNOR, FEDERAL RESERVE \n                             SYSTEM\n\n    Mr. Olson. Thank you very much, Chairwoman Kelly. Thank you \nalso for inviting us and thank you for holding this important \nhearing. 
My comments will be very similar to Wayne Abernathy's \nand very similar to the summary that you just went through with \nrespect to the impact on the financial services industry. My \nfocus will be from the vantage point of the Federal Reserve \nSystem and on the banking industry. And to repeat what you \nsaid, the markets remained calm and by and large and the \ncitizens remained calm. Disruptions were relatively minor, more \nso I think as a result of the power outage than the hurricane, \nso I am going to focus a little bit more on the power outage \nand a little less so on the impact of the hurricane.\n    I think to start off, it is important to remind ourselves \nthe fact that the disruptions were minor was not accidental. \nThe banking industry has been faced with business disruptions \nover the course of its history and we had learned that business \ninterruption is a fact of life of managing the financial \nservices system. As a result of that, we make business \ncontinuity planning a very important part of our expectation \nfor banking executives and we examine for the capacity and the \ncapability of business continuity planning.\n    Also, I think it is important to remember that the events, \nfirst of all of Y2K and then the tragedy around September 11, \n2001, has introduced elements of risk exposure with respect to \nbusiness continuity that have required that we elevate the \nlevel of our preparation.\n    With specific focus on the power outage, as you recall, it \noccurred very late in the day on Thursday at about 4:11 or so, \nand the capital markets had closed, but very quickly the \nmarkets indicated that they would be open the following day, on \nFriday. As you probably know, banks are not allowed independent \ndiscretion as to whether or not to open during the normal \nbanking day, but both the Comptroller of the Currency and many \nof the State bank commissioners very quickly allowed for \nclosings should they be required. 
Our indication is that only \nperhaps a dozen banks in the entire impacted area closed, and \nthat would be a dozen out of a universe in those States perhaps \nbetween 500 and 700 total institutions. So it was very small.\n    The liquidity of the markets was relatively unimpacted. The \nFederal funds market was impacted slightly and there was some \nvolatility and that had to do with the fact that the Federal \nfunds market is the interbank borrowing/lending vehicle and \nmany of those transactions do not settle until the end of the \nday. So those were about to settle about the time that the \npower outage occurred. And so while there was volatility, it \nwas not significantly disruptive. Also the following day, on \nFriday, as a result of the carryover, there was some volatility \nalso.\n    From the consumers' point of view, the major impact was \naccess to ATM machines. Some ATM machines remained open either \nbecause the branch had backup power or because the ATMs were on \nbattery power. Consumers in general are not unused to \nexperiencing some kind of disruptions with respect to access to \nATMs. ATM machines are increasingly ubiquitous so it is not our \nperception that there were major problems. There are five \nseparate Federal Reserve facilities in the area of the power \noutage. All of them had backup power from generators and all of \nthem were fully functioning. As far as we know--and this is \nexactly what Wayne said--we are not aware of any financial \nrecords that were destroyed in the process.\n    With respect to Hurricane Isabel, the major advantage in \npreparation was that it was well anticipated. And as a result, \nthere was more extensive advance preparation, and that was \nevident. And key, of course, was the communication. In terms of \nthe agency coordination, we could see evidence of coordination \non three levels almost immediately from the vantage point of \nthe Fed. 
There was communication immediately among the Fed \ninstitutions and also among the agencies, the FFIEC and then \nmore broadly among the Federal Government agencies, so the \ncoordination was very strong.\n    Lessons learned: Probably the most important lesson learned \nfrom our perspective is that the best response is to be well \nprepared. It is a variation of a good offense is the best \ndefense. But clearly as a result of the preparation, the \nanticipation of the reverse of what could go wrong helped limit \nthe disruption.\n    Point number two, communications was important. And you can \nquantify to an extent the value of good communications. The \nTreasury markets for example were opened longer than the equity \nmarkets and the Treasury market dropped about 10 basis points. \nLong bonds dropped about 10 basis points almost immediately. As \nsoon as the announcement was made that the outage was not as a \nresult of a terrorist activity, the markets responded very \nquickly by returning to the pre-outage level. And that is a \nstrong indication of the value of good communication. In \naddition to the announcement that the markets would open again \non Friday, these two announcements went a long way I think in \nhelping calm the general public.\n    I think another important lesson learned is the need not \njust for an immediate backup facility, but the ability also to \nprovide for what might happen if that backup facility is \nrequired to stay functioning for some period of time; for \nexample, availability of a fuel source for institutions using \ngenerators.\n    Chairwoman Kelly, we were very proud of the fact that \nwithin the Federal Reserve System a number of our employees \ncame in on Thursday and Friday during the hurricane, many of \nwhom stayed overnight. 
I would like to submit their names for \nthe record and make it a permanent part of this hearing.\n    [The following information can be found on page 84 in the \nappendix.]\n    Chairwoman Kelly. So moved.\n    Mr. Olson. And that concludes my opening remarks, and I \nwould be happy to answer any questions.\n    [The prepared statement of Hon. Mark W. Olson can be found \non page 65 in the appendix.]\n    Chairwoman Kelly. By all means, do submit the names of the \npeople who did spend many hours apparently sleeping on the \nfloor or working all night long. If you will get that to my \noffice, we will try to see that they get some recognition and \nthanks for what they did. It is imperative for the U.S. economy \nthat the markets stay open and that the banks stay open, so I \nam delighted to be able to acknowledge their efforts.\n    Thank you, Mr. Abernathy, for your testimony. I want to \nremind both you--both of you and the panelists for the next \npanel, I not only sit here on the Financial Services Committee, \nbut I am also on the Transportation and Infrastructure \nCommittee. And I was very interested in some of the testimony \ntoday that I was reading about the fact that there were some \ninfrastructure problems here. I think we need to put our heads \ntogether and work to make sure it is just not the power grid \ngoing down that was the problem. From what I understand, there \nwere issues like potable water and transportation issues with \nregard to getting fuel where it needed to go to keep the \ngenerators going, things like that.\n    I would be very interested in working with both of you and \nwith our next panelists on addressing specifically what went \nwrong to see if there is something I can do to help that \nsituation from a transportation and infrastructure decision as \nwell. So thank you very much.\n    I just want to ask a few questions here of both of you. 
I \nwould like to get a few details about your activities and those \nof the staff.\n    Mr. Olson, you told us your staff was there. I would like \neach of you to tell me where you were when the August 14 \nblackout occurred. I am more interested in that because it was \na sudden occurrence. We had a lot of preparation. We knew the \nhurricane was coming, so people could prepare for it. But with \na blackout, that is a sudden act and equal to something that \ncould be akin to a terrorist act. So to me, it is very \nimportant to know how this all worked.\n    And I agree with you, Mr. Olson, in your statement. I \nbelieve in this instance with regard to the financial services \nof America, the Boy Scout motto is the best: Be prepared.\n    With that in mind, tell me where you both were on the \nafternoon of August 14, and I would like to know whether or not \nyou were able to be in communication with the other regulators \nand the private sector counterparts, what worked and what \ndidn't work for you. If you could develop that for me, I would \nappreciate that.\n    Mr. Abernathy. If I may begin, Ms. Kelly, it is very \nfortuitous, that particular day we had chosen ahead of time as \nan opportunity to test one of our backup facilities and I was \nactually at one of the Treasury Department's backup facilities \ntesting our ability for me to do my job from a location other \nthan at main Treasury when this additional test occurred. And \none of the aspects of the test that made it very rewarding to \nus was that it presented a compound question: Can we not only \noperate from that backup facility but can we operate in a \ncrisis situation? And the answer is yes. I was able to do \neverything I could have done from my office in main Treasury at \nthis backup facility. I was in constant communication with the \nother regulators. I was in regular communication with the \nfinancial services sector. 
I could contact the different \nregulators and ask them how are your markets doing, any \ndisruptions, and I was very pleased that we are able to test \nboth our ability to coordinate but also coordinate from an \nunusual site.\n    Chairwoman Kelly. For you, what the systems were that you \nhad in place at that time, they worked as far as you could see?\n    Mr. Abernathy. Yes.\n    Chairwoman Kelly. Mr. Olson.\n    Mr. Olson. It occurred late afternoon on the Thursday. And \nin response to your comment about the Boy Scout motto, ``Be \nPrepared,'' I was fortunate that our resident Eagle Scout, \nSteve Malphrus, was available and he came into my office and \nindicated that there had been a power outage. As a result of \nsome of the preparation that we had been through and as a \nresult of the prioritizations that we had done previously, our \nfirst question was, are our people all right? That was the \nfirst that we have--as a result of the preparation we have \ndone, that is--that is the first question we asked.\n    Second question we asked, are the Fed facilities \nfunctioning? And we determined fairly quickly that they were \nfunctioning.\n    I think priority number three was to focus on Fedwire. \nFedwire is the large dollar payment system, and because of the \nfact for the most part the telecommunication system continued \nto work, Fedwire worked very well. We then initiated \ncoordination with the other agencies. And as a result, we were \nable to learn fairly quickly that, for example, the OCC had \ngiven its pronouncement with respect to opening the following \nday. In terms of the priority, it was people, systems, \nfacilities.\n    Chairwoman Kelly. Thank you. Each of you spent a number of \nyears dealing with disaster planning in the financial services \nsector. I would like to have you grade where we stand now and \nhow far we have come.\n    Let us start with how far you think we have come in terms \nof the grading scale. 
On a scale of zero to 10, with zero \nrepresenting the most vulnerable and 10 representing the total \nfixing of the problem, the ideal, we had some vulnerabilities \nwhich may have gotten fixed over the Y2K problem, but I would \nbe interested in your rating where we were and where we are now \njust on a scale of 1 to 10 to kind of give me an idea of what \nwe need to do here.\n    Mr. Abernathy. Well, I think that presupposes a level of \nprecision beyond where we are, but let me try to address the \nquestion this way. We certainly have been building upon \npreparations that have been in place over a number of years, \nand this is not something that the financial services sector \nwoke up to in 2001. As you have correctly pointed out, a lot of \nwhat we rely upon today began in preparation for the Y2K \nphenomenon. And that built upon other efforts that had already \nbeen in place. We have financial institutions recognizing a lot \nof their strength comes from their reliability, and the \nreliability depends on the ability to operate when there is a \ndisruption.\n    But each year has added to the ability to deal and cope \nwith a new challenge. Each new challenge presents some new \nchallenge that we didn't have before. I think what we have \nlearned from the blackout was the more significant degree of \ninterrelationship between the different infrastructures, as you \npointed out, how communications and transportation, how water \nand other infrastructure tie into the ability of the financial \ninfrastructure to operate and how they are interrelated. That \nis something we are probing now more than we did a few months \nago, although we had been doing some of that up to that point. \nProbably the best I can do with regard to numbers, I would say \nwe are much closer today to 10 than we are to zero.\n    Chairwoman Kelly. Mr. Olson.\n    Mr. Olson. Let me just elaborate a little bit on that. 
\nFirst of all, I think that if you would have asked the \nquestion, for example, in 1999, the scale of 1 to 10 would have \nbeen--would have covered a limited range. Our understanding of \nthe range of potential catastrophes is now much broader than it \nwas then. We have a wider universe of potential issues.\n    Let me give you one specific example. Prior to September \n11, in most of the business continuity planning that was done \nin the banking industry around the country, the expectation was \nthat people would be there. Now as a result of 9/11, we \nrecognize that we now have to plan under the assumption that \nperhaps the people won't be.\n    So I think we are still quantifying the extent to which we \nfully understand the risk exposures. I would say an 8 on a \nscale of 10 in terms of where we are now, because I think what \nwe are doing better now than we had done before is that we have \ntaken seriously all the planning and the need for additional \ntesting and conducting some dry runs. I think Wayne Abernathy's \nexperience, that he just described at Treasury, is typical of \nthe way we are now managing that risk exposure.\n    Chairwoman Kelly. Thank you.\n    Mr. Olson, I just want to ask one question about another \npiece of your testimony. You said that most--there were many \nATMs that were affected, but where they were located in banks \nand so forth, they were up and running. There are ATMs now in \nsupermarkets, in little corner grocery stores, at a bodega, \nwhatever. When the power went down I would have to assume that \nthose were the ATMs that were affected, were they not?\n    Mr. Olson. Probably. If they didn't have some kind of a \nbackup power facility, either a generator or battery, those \nprobably would have been the ones affected. Even within the \nbanking industry, there are some ATMs that do not have a \ngenerator backup facility or battery backup facility, but there \nare some kiosks, for example, where there are ATMs. 
So some of \nthose might have been out also.\n    Chairwoman Kelly. I am wondering if it would be a function \nthat perhaps we should consider--perhaps you should consider. \nWe certainly don't need a law, but as you say, be prepared. We \nshould help the public be prepared. And I am wondering if we \nshould ask the people who own ATM machines that did not have \nbackup power to post a notification that in the event of a \nblackout the ATM will not work, so that people understand that \nthey can't in a blackout go to those machines and expect them \nto work. I don't know how many lives that would affect, but it \nseems to me we should let people know what they got, because \nmany people do rely on a regular basis on the ATM being \navailable, and certainly people did try to get money from ATMs \nin places in New York City and in my district and they were not \nworking. I don't know what you think of that. Maybe you would \nlike to tell me.\n    Mr. Olson. I think it is an excellent question. And I would \nlike to look into it and get back to you regarding what we have \nlearned from that experience and the extent to which people \nwere--the extent to which they were disadvantaged and the \nextent to which they were aware of alternatives and could \naccess those alternatives. But we would be happy to follow up \nand get back to you on that.\n    Chairwoman Kelly. My concern is if it is in fine print when \nyou sign up to get an ATM card, you are not going to notice \nthat. But if it is printed on a sticker that is on the machine \nsomewhere that it will not function during a blackout, that is \na good thing for all of us to know. I think it is a good thing \nfor all of us to know.\n    Mr. Olson. There may be implications to that that aren't \noccurring to me at the moment, but we will look at that very \ncarefully and be happy to respond.\n    Chairwoman Kelly. There are two other questions I would \nlike to ask and then we will go to Mr. Kanjorski.\n    Mr. 
Abernathy, what impact did the move of the Treasury \npersonnel to start the Homeland Security Department have on the \nDepartment's capabilities with regard to disaster planning and \nrecovery?\n    Mr. Abernathy. As you know, Madam Chairman, we are in the \nprocess of the Homeland Security Department getting on its \nfeet. But already in its early stages, I think one of the \nbenefits we had was in this question of interrelating one \nparticular sector with another, so that as we were looking at \nthe financial services sector and finding out why certain \noperations continued to operate, they told us, well, we can \nkeep going for x number of hours but we are going to run out of \nfuel at some particular point. We can take that question then \nto the Homeland Security Council and say the financial system \nis working well, but we may need fuel oil to be able to power \ngenerators or diesel. And so we could go to them and, say, \nbring that problem and they can deal with it and understand the \nimportance of it and have in place systems to deal with that. \nSo I think it helped in the process of connecting the different \nsectors together.\n    Chairwoman Kelly. Good. That was part of the effect that we \nhoped would happen.\n    The other thing I would be interested in hearing is have \nyou done any--just sort of prior simulations of a blackout in \nany--I mean, this was not a simulated blackout on August 14, \nbut are there simulations that you have run? Did you run one in \nNew York City? And this is for both of you. I am interested in \nwhat magnitude, if you did run simulations, what the magnitude \nwas and whether or not that actual blackout experience we had \nmet what the parameters were that you had set in place if you \nhad run those simulations.\n    Mr. Abernathy. We have participated in a number of \nsimulations, some of which we sponsored, some of which have \nbeen sponsored by other agencies of the government. 
I don't \nrecall that any of the ones that we participated in envisioned \na blackout affecting 50 million people stretching from New York \nCity to Detroit. I will say this, though, and I made the \ncomment frequently afterwards to our staff and others as we \nlooked at how we dealt with the crisis. We were able to deal \nwith the problems related to the crisis not because we had \npracticed that particular simulation before, but because we had \ngone through a different number of simulation exercises, we had \nlearned to deal with the unexpected and we learned how to \ncommunicate with one another and work through problems that we \nhadn't envisioned ahead of time. And that kind of exercise, the \nfact that we have gone through a number of different \nsimulations, really paid off very well during the blackout.\n    Chairwoman Kelly. I am sure probably what you had done went \na long way to keeping consumer confidence in the market.\n    Mr. Olson, do you want to answer that?\n    Mr. Olson. I could repeat exactly what Wayne said, but let \nme give you an example of how it worked in the financial \nservices industry. When the tragedy of September 11 occurred \nand airplanes couldn't fly and there was a tremendous amount of \ndisruption in the economy, what we discovered, what financial \ninstitutions discovered, is they went back to the business \ncontinuity planning that they had done for Y2K and took all of \nthe disciplines from the Y2K preparation, and those disciplines \nwere immediately effective for them on 9/11.\n    And so that is a good example of how you plan for business \ndisruption, but not necessarily for a specific one, but the \nplanning has multiple benefits when you plan broadly.\n    Chairwoman Kelly. Thank you very much. 
I want to again--I \nwant to hold this report and tell you I read the draft report \non this and I was very, very impressed with the ability that \nyou had in place already before that blackout to hold things \ntogether, let the markets continue to function. Of course, we \nwere lucky because it happened at the end of the trading day in \nsome instances; but having that report, I think, should go a \nlong way to a certain stability and people's expectations with \nregard to anything else if we have another blackout.\n    I am going now to Mr. Kanjorski.\n    Mr. Kanjorski. Thank you Madam Chairman.\n    Mr. Abernathy, you discussed the fact that the American \nStock Exchange remained closed for most of the following day \nafter the August blackout. How will the interagency paper \nfinalized earlier this year and in the process of being \nimplemented by the private sector help to ensure that similar \nevents do not occur in the future as major financial entities \nwork to establish their backup facilities required by this \nguidance? What are the most important issues for them to \nconsider with respect to electricity, telecommunications, \ntransportation and water resources?\n    Mr. Abernathy. I think those are the key elements to look \nat. The purpose of the white paper--we didn't participate in \nthe drafting of the white paper, although we are the consumers \nand commentors on it--that was a project of a number of the \nfinancial agencies themselves. But what we have learned from \nthat and how it applied in the blackout is there are a number \nof things you can do to deal with the foreseeable, such as \nproviding distance, providing training for personnel, making \nsure that you have not only facilities located in another \nplace, making sure your backup system may not be exactly the \nsame place as someone else's backup system is. One of the \nproblems we discovered in 9/11, a lot of people had backup \nfacilities, but they all had the same ones. 
They were sharing \nthe same backup facilities.\n    So one of the things we learned through the white paper is \nnot only ask what are your backup facilities, but how much do \nthey overlap with someone else's. And sometimes the backup is--\nrequires a backup to the backup, and that is a case that we \nhave in some of the financial institutions. We have a first set \nof backup facilities in place, but the backup to those are now \ncoming on-line as well, which will further reinforce our \nability to switch. The other thing is make sure you have the \npersonnel available to run these facilities.\n    And time, I guess, is the other factor, I would emphasize. \nNot only do you have the backup facility, but how quickly can \nit come on line. The more quickly you can bring your backup \nfacility on line, the more quickly you can limit the damage \nfrom a disaster, and, particularly if it is a terrorist attack, \nthe more you can take away the fruits of that terrorist attack \nthat the terrorist is looking for. The terrorist is looking to \ndisrupt our ability to engage in commerce. The more quickly you \ncan bring your backup facilities on-line, you can deny that \nterrorist what he is trying to obtain.\n    Mr. Kanjorski. Is there any task force that has the \nCongress's participation in the white paper or the interagency \npaper in terms of whether we are getting there, whether we are \ncovering everything? As I understand the interagency paper, it \nstates that a facility must be located beyond 50 miles of \nManhattan, and I suspect that that is in order to provide for a \nnuclear blast. In case the city was struck by a nuclear weapon, \nthey would want to be more than 50 miles out of the territory.\n    Mr. Abernathy. If I could make one comment, I think the 50 \nmiles was in the original draft paper and since has been \nreplaced with a more subjective requirement that you should \nhave adequate distance or adequate time. 
The goal is you are \nable to get your system back up within certain time frames.\n    Mr. Kanjorski. Within 2 hours.\n    Mr. Abernathy. Right. It may be that distance provides \nthat. It may be in a financial institution you don't need the \ndistance, you just need to have separate types of electronics \nor personnel.\n    Mr. Kanjorski. Is somebody putting guidance together? What \nhappens if I am handling a large part of the trades on the \nmarkets and am 10 miles away but within the blast zone? Is that \nconsidered a backup facility?\n    Mr. Abernathy. Those issues are the ones we wrestle with \nevery day. And I would say the follow-up entity to carry out \nthose recommendations would be the FBIIC, that on a regular \nbasis compares notes with one another, encourages each \nparticular financial agency to be working with their regulated \nentities to see how they are doing and implementing those \nguidelines that are put in place in the white paper; reviewing \nto what extent the guidelines that are in the white paper and \nother guidelines have become out of date due to new things we \nknow as a result of the infrastructure as well as changing \ntechnologies.\n    Mr. Kanjorski. Well, the August blackout was very \ninformative in terms of comparing that overlay with the \noriginal thinking in the interagency paper. If you look at it \nand making the assumption that the 50-mile radius is the \nintelligent radius to be away from your major facility, then \nyou look at what happened to electricity and find out that \nabout half of the zone that you could relocate in, that was in \nthe same power grid. So obviously that wouldn't be a retreat \narea.\n    And then the most significant part I think is the \nwatershed. New York City is served with both the Hudson \nwatershed and Delaware watershed. 
And in case of biological \nattack, it would seem to me if I were a terrorist, I would go \nway upstream and I would blank out a good half to two-thirds of \nacceptable area that backup facilities could be located in.\n    Is somebody testing the judgments of the companies that are \nmaking the decision to put a continuity business facility in \nplace, or are we relying totally on their judgment to do that?\n    Mr. Abernathy. That is something in particular that \nGovernor Olson can talk about. What we understand from the \nfinancial regulators, that kind of judgment is a constant \nsource of discussion between the financial supervisors and the \npeople they supervise. There is a discussion that continuously \ntakes place in the examination process as well in the process \nof implementing and designing sources of resiliency.\n    Mr. Kanjorski. Governor, do you want to pass on that?\n    Mr. Olson. I will support what Wayne Abernathy said. As \npart of the supervision that we would do for financial \ninstitutions, as we would examine their business continuity \nplanning. The FFIEC, the coordinating group, recently expanded \nthe criteria that we use in our examination of business \ncontinuity planning from the banking industry. But you hit on \nthe key ones. Environmental is certainly one. Infrastructure is \ncertainly one. Availability of people is another one. And the \nimpact, for example, of an evacuation would be another one that \nwould be used. And since post-9/11, we have expanded the \nexpectation.\n    But there are two keys. First of all, and the most \nimportant one, is people. Are you allowing for the safety of \nthe people? And point number two, it is the speed of recovery \nto get the systems back on track. So as Wayne Abernathy \nsuggested, the idea of a specific mileage implication to it or \ncriteria to it is less important than to be able to demonstrate \nthe capability to respond.\n    Mr. Kanjorski. 
One of the areas I noted in watching the \nvarious plans is the lack of adequate infrastructure for \ntelecommunications for relocation sites. Most of these \ninstitutions have to have merit data recording, which means \nthey have to use fiber optics and they are restricted to the \nspeed of light, so they are restricted as to how far out they \ncan locate from Manhattan. And I think the parameter for most \nof the technology companies that I have talked to is about 125 \nmiles from Manhattan. The problem that is occurring, however, \nis some areas that are viable for continuity of business \nrelocation sites do not necessarily have in place the fiber \noptic systems to carry the transactional load that would be \nrequired for continuity of business backup.\n    I guess my question to you is, are we going to do anything \nin the homeland security bill or appropriations to either \nassist utility companies or communication companies to lay that \nfiber optic, or is that going to be the sole burden of the \ncompanies that want to locate facilities?\n    Mr. Abernathy. I can't really respond to what is in the \nappropriations bill with regard to telecommunications. That is \nnot something----\n    Mr. Kanjorski. To my knowledge there is nothing.\n    Mr. Abernathy. But I would like to emphasize, though, that \nyou are exactly right that telecommunications plays an \nimportant role on how we run our financial services. Of all the \nother different systems that interact with the financial \nservices, I would probably place telecommunications right at \nthe top. And one of the things we are engaged in and looking at \nvery carefully is how dependent we are, and how building up \nredundancies in the telecommunication system can be brought \nforward, keeping in mind how important that is.\n    Mr. Kanjorski. Even, Mr. Abernathy, getting an inventory of \nsystems in place. Many companies refuse to disclose the \nlocations or distances of their fiber optic systems. 
And it is \ndifficult for someone to cite a continuity of business \nlocation, not knowing what the route is or the difficulty of \nthe distance to the relocation site.\n    All I am raising is that there is a need for a little more \ncomprehensive activity on the part of Treasury, the Federal \nReserve, and the other regulators that are involved to make \nsure that we get some redundancy and we get some cooperation \nbetween other Federal and State agencies with the private \nsector to make sure the infrastructure is available for \ncompanies to make the proper decision as to when they can \nlocate, where they can locate, and how quickly they can be back \nup in business.\n    Mr. Abernathy. I would say that interrelationship is the \nnumber one lesson we learned from the blackout, which is the \ninterrelationship of all the different systems.\n    Mr. Kanjorski. Tell me we are moving very quickly and in 18 \nmonths we are going to have all those continuity of business \nlocations.\n    Mr. Abernathy. We are working very hard on it.\n    Mr. Kanjorski. If we want to work with someone at Treasury \nor the Federal Reserve, who should we be talking to?\n    Mr. Abernathy. In the congressional office, John Duncan \nwould be the person for Treasury.\n    Mr. Olson. In our case, Steve Malphrus, who happens to be \nhere, but he is the communications point.\n    Mr. Kanjorski. He is the guru.\n    Chairwoman Kelly. Thank you. I would like to simply say \nthat representing the area that I do, which is 50 miles north \nof New York City and the entire lower third of New York City's \ndrinking systems plus major manufacturing, IBM, huge number of \nthings in my district, we have addressed some of these things. \nAnd I think Mr. Kanjorski's question about somewhere, even if \nit has to be kept at an above-secret level, there ought to be \nsome kind of an inventory, that is not a bad question. 
But I do \nknow that some of this has been addressed, because I also \nrepresent the Indian Point nuclear plants and we have looked at \nnot only evacuations but some of these other questions that had \nbeen raised.\n    I would hope that we can work with you both if you have \nneeds with regard to infrastructure, so we can make sure we \nhave what you need and we can work together.\n    The Chair notes that some members may have additional \nquestions for the panel. They may wish to submit them in \nwriting. Without objection, the hearing record will remain open \nfor members to submit questions and place responses in the \nrecord.\n    This panel is excused with the committee's great \nappreciation for your time. Thank you very much.\n    I would like to introduce our next panel. First is Ms. \nRhonda MacLean, Private Sector Coordinator, Financial Services \nCritical Infrastructure Protection and Homeland Security \nissues, and the Director of Corporate Information Security at \nthe Bank of America; Ms. Catherine Allen, CEO of BITS, at the \nFinancial Services Roundtable; Mr. Donald Kittell--hope I \npronounced that right--Executive Vice President of the \nSecurities Industry Association; and Mr. Howard Schmidt, Vice \nPresident and Information Security Officer at eBay, and the \nformer Chair of the President's Critical Infrastructure \nProtection Board. We thank you all.\n    Chairwoman Kelly. And we will begin with you, Ms. MacLean.\n\n   STATEMENT OF RHONDA MACLEAN, PRIVATE SECTOR COORDINATOR, \n   FINANCIAL SERVICES CRITICAL INFRASTRUCTURE PROTECTION AND \n    HOMELAND SECURITY, AND DIRECTOR, CORPORATE INFORMATION \n                   SECURITY, BANK OF AMERICA\n\n    Ms. MacLean. Thank you, Chairwoman Kelly and Representative \nKanjorski, as well as members of the subcommittee for inviting \nme here today for this important hearing. 
I am honored to be \nhere to speak on behalf of the financial services sector and my \nrole as the Department of Treasury-appointed Private Sector \nCoordinator for Critical Infrastructure Protection. The \nfinancial sector chose to form a Financial Services Sector \nCoordinating Council with the public sector support and \nencouragement and with Treasury's leadership.\n    I want to recognize Treasury Assistant Secretary Wayne \nAbernathy and Deputy Assistant Secretary Michael Dawson for \ntheir instrumental leadership in promoting and supporting our \nefforts for an effective public-private partnership. It has \nreally served as a model for other sectors such as \ntelecommunications and energy and the like. The council \nconsists of 25 organizations that through their constituents \nrepresent the majority of the financial services sector. These \norganizations include key national exchanges; clearing \norganizations; trade associations in the banking, securities, \nbond, and insurance segments of our industry; and key \nprofessional institutes.\n    Information provided in my written testimony identifies the \nmembers of our council and additionally includes a diagram \ndepicting an extremely important aspect of why we believe our \nsector has such an effective and real public-private \npartnership at the sector level.\n    As Mr. Abernathy indicated, the public sector has formed \nthe Financial and Banking Information Infrastructure Committee, \nthe FBIIC. And periodically both members of our council and the \ncommittee need to discuss and work together to address sector-\nwide issues and initiatives that focus on strengthening the \nresiliency of our sector.\n    Our councils work on five strategic areas and I will \nbriefly discuss each of those:\n    First is the information and dissemination and information \nsharing. 
Our goal here is to provide a universal service for \ndisseminating trusted and timely alert and warning information \nto all sector participants. We believe that this type of \ninformation sharing will continue to increase the general \noverall knowledge about physical and cybersecurity operational \nrisks that face our sector. We have gone from approximately 70 \nfinancial institutions receiving this important information to \nnow over 8,000 who are receiving this information today. This \nsignificant step forward in our goal was accomplished through \nthe many council members leveraging their constituents' \ncontacts to distribute the critical alerts. Our next generation \nISAC will continue to improve on this information dissemination \ndirectly to the financial institutions themselves. The sector \nawareness and outreach activities we are implementing is a \nprogram for homeland security and information--critical \ninfrastructure protection initiatives that include regional \nforums. The local and regional efforts are in most cases the \nfront lines in the times of crisis and are an important element \nin the overall communications flow during the times of crisis \ncoordination and crisis management. The council also has a \nresearch and development task group that is working with \nTreasury to determine priority for research and development \nneeds of our sector. We have also been working on our Sector \nNational Strategy to revise that document in response to the \ntwo national strategies President Bush released in February. \nThis is our vehicle to really define tactical, actionable and \nmeasurable programming to direct and advance our sector-wide \ncritical infrastructure and homeland security efforts for the \nresiliency of our sector.\n    Lastly, the subject of this hearing has focused on the \ncouncil's efforts around crisis and response management. 
When \nevents occur with broad sector or national impact, a plan and \nadopted approach for sector-wide crisis management must exist, \nincluding coordination with government entities and other \ncritical infrastructure sectors on which we depend. At a sector \nlevel the council uses a crisis communicator capability \ndeveloped and supported by BITS that allows council members to \nconvene in times of emergency. Timely communication and \neffective coordination is essential to ensure the financial \nsector maintains its resiliency and ensures public confidence. \nWe have had numerous opportunities to trust our crisis \nmanagement procedures at a local, regional, and sector level. \nIf we examine the August blackout, which had larger geographic \nimpact than Hurricane Isabel from a power outage perspective, \nwe came through those events beautifully but also with the \nlessons learned as described before.\n    As sector coordinator I was able to participate and receive \ninformation from numerous activities led by council \nassociations, clearing corporations, and Treasury-led \ngovernment teams. Additionally, because of the close working \nrelationship developed among sector coordinators while working \ntogether on critical infrastructure protection initiatives, our \nsector received regular updates on restoration activities. In \nthe case of the blackout, Mr. Michael Gant, sector coordinator \nfor the electric power, provided regular updates and outage \nprogress and really worked with us in our coordination effort. \nThis level of direct communication was invaluable as efforts \noccurred to evaluate the situation and plan next steps.\n    This past Thursday and Friday our council held its regular \nquarterly meeting in New York City where lessons learned were \ndiscussed by the council and FBIIC with the New York Office of \nEmergency Management. 
It was clear that the blackout allowed \nmany organizations to apply crisis communication and management \nimprovements post-9/11. The council members decided to work on \nidentifying the various calls that now typically occur in times \nof crisis and will use the blackout experience as a case study. \nThe sector-wide effort being undertaken by the council will \nseek to identify opportunities for improving sequencing of \nthese calls and other options for better information flow and \nemergency communications. This effort will be coordinated with \nour public sector colleagues and other sectors upon which we \nhave specific dependence.\n    My two colleagues on this panel, whose leadership for our \nsector has been instrumental in the formation of the council \nand leadership within the council, will be speaking on some of \nthe outstanding work their organizations have accomplished and \nspecific lessons learned from both the blackout and Hurricane \nIsabel, together with recommendations.\n    Ms. MacLean. In summary, Chairwoman Kelly and members of \nthe committee, we believe that a strong public/private sector \npartnership is the primary reason for our success. The \nGovernment and the private sector's coordinating efforts during \nthe recent power outage and storms demonstrated the \npreparedness work done by many organizations that have yielded \nvery positive results. These efforts have helped to ensure our \ncritical efforts are resilient and we are worthy of maintaining \nthe public confidence.\n    Thank you for your opportunity to testify.\n    [The prepared statement of Rhonda MacLean can be found on \npage 57 in the appendix.]\n    Chairwoman Kelly. Thank you, Ms. MacLean.\n    Ms. Allen.\n\nSTATEMENT OF CATHERINE ALLEN, CEO, BITS, THE FINANCIAL SERVICES \n                           ROUNDTABLE\n\n    Ms. Allen. Thank you, Chairwoman Kelly and Congressman \nKanjorski and other members of the committee, for the \nopportunity to testify. 
I am Catherine Allen, CEO of BITS, a \nnot-for-profit industry consortium of the 100 largest financial \ninstitutions in the U.S. BITS is the sister organization to The \nFinancial Services Roundtable, and our mission is to serve the \nfinancial services industry where it interfaces between \ncommerce, technology and financial services. We are not a \nlobbying organization.\n    Our work is shared not only among our members but \nthroughout the financial services sector, and you will see that \nin a minute. I experienced firsthand the outage. We were in \nDetroit at BITS meetings and experienced not having water, \npower, telephone and many of the other things, along with the \nCIOs and CTOs of a number of the financial institutions.\n    Bottom line, the financial services industry and our \ncustomers fared well. Backup systems worked, ultimate \ncommunications systems were used, and there was no measurable \nimpact on settlement and payments. There was excellent \ncooperation in communications among the financial services \nregulators, Treasury and the financial sectors.\n    Three major reasons why I think the Nation's system fared \nso well were, first of all, preparation. As Mr. Olson said, the \nevents of 9/11 and subsequent preparations by both the private \nand public sector helped us trust each other and helped us with \nour abilities to communicate, shift to backup systems and \ncontinue operations.\n    A second thing was the early announcement that this was not \na terrorist event, and I cannot reinforce how important that \nwas. This helped to alleviate public concerns and made for \norderly execution of business continuity processes.\n    Thirdly was the diversity of communications. Again I \npersonally can attest to how you use cell phones until they run \nout of juice and then you use Blackberrys and you save cell \nphones to communicate with others. 
Actually, throughout the \nevent Assistant Secretary Wayne Abernathy and I were \nBlackberrying back and forth in preparation that BITS and the \nRoundtable held.\n    There also were some critical lessons from the event. The \npower grid must and should be considered among the most vital \ncritical infrastructures that needs investment to make sure it \nworks. The cascading impact cannot be overstated.\n    Secondly, water for cooling systems and personal hygiene is \noften controlled by electricity. People do not think about \nthat, and that is what caused many organizations to close their \noffices or delay opening.\n    Lastly, communications must be viewed as an integrated \nsystem. We must be able to use diverse communications and \nunderstand the vulnerabilities, address those vulnerabilities \nand make sure we have diversity and redundancy.\n    Attached to our testimony is a wide variety of lessons \nlearned from the outage and specific recommendations. We \ngathered these from what our members experienced during the \noutage.\n    The most important lesson, however, that was learned was \nhow interdependent the critical infrastructures were and also \nhow fortunate we were that it was not a terrorist driven event \nor we had a cyber security event at the same time. We need to \nlook strategically and holistically at the Nation's critical \ninfrastructures and what can be done to enhance resiliency, \nreliability, redundancy and diversity.\n    BITS has addressed a number of the interdependency issues \nand Congressman Kanjorski, you are right on about your points \nabout the telecommunications industry. That has been our most \nimportant effort this past year, the understanding of the \ninventory and what they had and how we would know whether they \nhad backup offices.\n    BITS has led an effort on behalf of the financial sector in \nassessing telecommunications vulnerabilities and enhancing \nrecovery. 
We have worked with the National Communication \nSystem, the NCS, of the DHS, who are helping us, and I can say \nthere is unparalleled cooperation going on right now between \nthe telecom and financial sectors. The results have included a \ndetailed and confidential assessment of the interdependencies \nin these routes that you were mentioning in a specific \ngeographic area and we are looking at how we replicate that \nthrough other areas.\n    Best practices in telecommunications and financial \nprocurement policies, pilots to model the costs of attaining \ngreater diversity and redundancy, adoption by our CEOs of the \nNRICK best practices in physical and cyber security and \nobviously education in both sectors. There are many other \nthings that we have done in the crisis management area.\n    I will point out two areas that also relate to this, and \nthat is the IT service providers. There is a press release \naccompanying this hearing that talks about the BITS framework \nfor managing technology risk. We must look at our IT service \nproviders and our vendors as closely as we look at ourselves \nand we have to make sure that we manage the risk--our risk \nmanagement strategies are in place in working with them.\n    Secondly is the area of software security. We have worked \non a BITS product certification program where we test software \nproducts against security criteria the industry developed.\n    Again a press release accompanies this hearing, talking \nabout the development of a user driven coalition to address the \nissues of software development, as well as the patch management \nprocess. 
We urge the committee to consider all aspects of \ncritical infrastructure, the software and operating systems, \nthe service providers, the critical infrastructure industries \nand the practices of firms, industries and Government in \naddressing not only these power outages but future disasters \nand related events.\n    I will end with the five key recommendations that we have \nwith the committee. One is to invest in the power grid because \nof its critical and cascading impact; in fact, investment in a \nnumber of the critical infrastructures, such as power, \ntelecommunications, and transportation, their incentives, such \nas tax credits, credits for investment, R&D investment and \ndirect Government investment.\n    Number two, announce early whether an event is terrorist \nrelated, or not. I cannot tell you how critical this was to our \nmaintenance of our crisis management procedures and \ncommunications.\n    Three, establish improved coordination committee procedures \nacross the critical infrastructures, specifically with the \nFederal, State and local government.\n    Number four, recognize that the financial sector is driven \nby its trusted reputation as well as regulatory requirements. \nNot all other sectors are the same way, and we need to look at \nthis again holistically.\n    And lastly and most importantly, recognize and review the \ndependence of all critical infrastructures on software \noperating systems and the Internet. A cyber attack of some kind \nwhich impacts communications, SCADA systems and first responder \nsystems would put us at terrible risk. Compounding the problem \nis the lack of security software development processes and a \ncurrent inefficient software patch process that not only cost \nus millions but put us at greater risk.\n    It is an alarming issue and critical to the Nation's \ninfrastructure. 
A clear understanding of the role of software \noperating systems and the higher duty of care, particularly \nwhen serving the Nation's critical infrastructures needs to be \nexplored.\n    Again, thank you for this opportunity, and I will look \nforward to answering questions.\n    [The prepared statement of Catherine Allen can be found on \npage 42 in the appendix.]\n    Chairwoman Kelly. Thank you very much.\n    Mr. Kittell, please.\n\n   STATEMENT OF DONALD D. KITTELL, EXECUTIVE VICE PRESIDENT, \n                SECURITIES INDUSTRY ASSOCIATION\n\n    Mr. Kittell. Thank you, Chairwoman Kelly and Congressman \nKanjorski.\n    I am Donald Kittell, Executive Vice President of the \nSecurities Industry Association.\n    Since 9/11 the security industry has invested a great deal \nof time and resources in business continuity plans. The opening \nof the market following the blackout I think was clear proof \nthat those plans were viable, at least in the event of a \nblackout occurring at about 4:30 on a Thursday afternoon. I \nwould particularly highlight the support we received from New \nYork City, as well as from State, Federal and regulatory bodies \nduring the event.\n    Early assurances that this was not a terrorist act was very \nimportant, and after 9/11, dealing with the blackout was a \nrefreshingly easy problem. When street power was lost, there \nwas essentially a seamless transition to backup power among all \nthe firms and the exchanges. The Securities Industry Automation \nCorporation, or SIAC, processes for the New York Stock \nExchange, the American Stock Exchange, the National Market \nSystems, Depository Trust, Fixed Income Clearing and other \norganizations. 
Those sites were protected by battery backup \ncombined with backup generators, and there were no \ninterruptions in processing and no loss of data.\n    Similarly, SIAC's safety system, which was installed \nsubsequent to 9/11 to provide alternative telecommunications \nconnectivity between securities firms and the infrastructure \nexchanges, operated throughout the blackout without difficulty.\n    Depository Trust activated both its remote sites and its \nremote operating locations, both of which were developed \nfollowing 9/11, so they were actually operating their data \ncenter in New York from a remote operating center successfully.\n    The American Stock Exchange, we talked about earlier, was \nable to activate backup generators for its building and trade \nsystems but not its cooling systems because of a shutdown of \nConEd steam power. The AmEx obtained emergency steam generation \npower later on Friday, was able to open and perform an orderly \nclose at the end of the day.\n    But I would like to come back to Congressman Kanjorski's \nquestion about the AmEx if we have time later.\n    Some securities firms relocated to backup sites, others \noperated under both backup and main primary sites, but \nessentially all firms were able to operate following the \nblackout.\n    SIA's command center was activated within minutes of the \nblackout and conducted conference calls throughout Thursday \nnight, the following Friday, and into the weekend, and these \ncalls were integrated with those of the regulators and other \nindustry organizations.\n    SIA has maintained a seat at the New York City Office of \nEmergency Management since the Y2K days, and that was \ninvaluable; in fact, it was the OEM that arranged the backup \nsteam for the AmEx, as well as arranging for delivery of fuel \nto backup generator sites.\n    We believe there is value to adding other people to our \nnetwork of calls, primarily in the telecommunications area, but \nalso with data 
vendors and service bureaus, and we are working \nto accomplish this. I think the main thing we have learned with \nthese calls is that it is not so much the preparation and \nstructuring of them but just the flexibility we have of being \nable to talk to each other when an event occurs.\n    There were some infrastructure issues. The two worst \nproblems were loss of communications and transportation. The \ncell phone service degraded pretty rapidly once the backup \nbattery power was over and some of the land line switches in \nBrooklyn and mid-town Manhattan were disabled. Instances were \nidentified where fuel delivery trucks could not be reloaded \nbecause of, again, pumps that did not have backup power.\n    Transportation systems were immobilized, and many employees \nwere stranded. Actually, this was a good thing from the \nstandpoint of opening the markets but not so good for the \npeople involved. Ferries continued to operate but they were \noverwhelmed by the number of riders. As a result, many firms \nare reconsidering plans to keep critical employees on-site as \nwell as shutting down their operations and sending people home.\n    Vis-a-vis Hurricane Isabel, the New York City OEM was our \nprimary source of information, and fortunately we were able to \navoid any major challenge there, but we are very cognizant of \nthe risk we run in Lower Manhattan of a hurricane. We were \nfortunate that both the blackout occurred when it did and that \nthe hurricane did not impact New York in a significant way.\n    The blackout occurred after trading hours in daylight, on a \nThursday of the week. It is just about the best time we could \norder up a blackout. We would have faced very significant \nchallenges if it had occurred during trading hours or if it had \noccurred early in the morning before the work force actually \nwas able to get into the city.\n    With respect to the hurricane, we are well-aware of the \npotential flood damage in downtown Manhattan. 
Again, New York \nCity OEM would be our key guidance there as far as evacuation \nis concerned, so although the early reports and preparation \nwere fine, I think we are very cognizant of the fact that a \nhurricane with a direct hit in New York would present much more \nserious problems than what we had with the blackout.\n    Since 9/11, the industry, in partnership with Federal, \nState and city emergency management associations, regulatory \nagencies, service providers, has improved its resiliency. We \nare proud of the progress to date. We continue to address \nvulnerabilities in the future.\n    Thank you, Congresswoman Kelly.\n    [The prepared statement of Donald D. Kittell can be found \non page 52 in the appendix.]\n    Chairwoman Kelly. Thank you very much.\n    Now, we turn to you, Mr. Schmidt.\n\nSTATEMENT OF HOWARD A. SCHMIDT, VICE PRESIDENT AND INFORMATION \n     SECURITY OFFICER, eBAY, INC., AND FORMER CHAIR OF THE \n      PRESIDENT'S CRITICAL INFRASTRUCTURE PROTECTION BOARD\n\n    Mr. Schmidt. Thank you very much, Chairwoman Kelly, members \nof the committee. My name is Howard Schmidt. I am the Vice \nPresident and Chief Information Security Officer for eBay, \nwhere I lead a team who is responsible for the security, \ntrustworthiness and availability of the services that bring so \nmany global citizens together each day.\n    Today I come to you more as an individual, primarily, who \nhas had the privilege of working with many committed \nindividuals in the private sector, law enforcement and \ngovernment to forge a collaboration and cooperation to \nessentially safeguard the sort of resources we need through \ncyberspace and we have seen protected as a result of the \nblackout.\n    I had the privilege of assisting in the formation of some \nof the first collaborative efforts in this arena and led the \ncreation of the Information Technology Information Sharing and \nAnalysis Center, or the IT-ISAC, and now I am serving as the \nfirst President. 
This was in the aftermath of PDD-63.\n    Later I was appointed by President Bush to serve with \nRichard Clarke running the President's Critical Infrastructure \nProtection Board, in which many of the issues we are talking \nabout here today were part of the key issues we were looking at \nas we put together the National Strategy to Defend Cyberspace, \nand that national strategy, I might add, was a combination of \nwork done by BITS, the Financial Services ISAC, many of the \nFederal Government agencies, as well as the Congress and many \nof the private citizens across the United States.\n    But I want to talk for a moment about the successes that \nthe financial services community had that enabled us to \ncontinue business during the blackout and the recent hurricane. \nIt served to deepen our appreciation of the interdependencies \nbetween the Internet and the critical infrastructure and those \npieces of commerce that we depend on, as many saw the perfect \nstorm of the convergence of two Internet worms that were \noccurring at the same time the blackout was taking place, but \nalso, as the Congressman pointed out, between the power and \ntelecommunications infrastructure. We were also reminded that \nmuch of the work that we did in the preparation of the cyber \nsecurity plan also gave us the resiliency and the ability to \nprotect ourselves because those same plans in a cyber attack \nwere the same plans we needed to put in place to minimize the \neffect of the blackout we saw.\n    One of the things that has helped reduce the impact of this \nevent as well as others is the ability to share information \nacross sectors and across competitor lines. It was particularly \nrewarding to see many companies, strong competitors in the \nmarketplace, share information about backup strategies, share \ninformation about disaster recovery sites. 
So we can indeed \nenjoy the benefits of the services they provide us on a day-to-\nday basis.\n    As a matter of fact, during the summer events for the \nblackout, we saw for the on-line industry approximately a 10 to \n15 percent reduction of activity during the power outage \nitself, but that was primarily related to the fact that many \ncitizens who would use the Internet could not even log on to be \nable to conduct some of the transactions, but in doing so, one \nof the resources we turned to was the financial impact report \nby various industries, and looking at this, it cited in the \nreport the credit card and sales authorizations, which is one \nof the main focuses we looked at with eBay, for online sales \nwould lose $2.6 million an hour if they were unable to conduct \ntheir transactions, and even home shopping was estimated to \nhave losses of $113,000 per hour if the system was not \navailable.\n    There is much we can do to prepare for these sort of \nevents, and once again I cite the interrelationship between \ncyber attacks on our infrastructure or the critical events we \nhave seen this summer.\n    In this case, the Internet connects about 170 million \ncomputers and an estimated 680 million users. 
There is an \nestimated growth rate going to 904 million by the end of 2004, \nand you can see eBay is a prime example of how deeply ingrained \nthe Internet is to American life and the dependency we have on \nthe power of the telecommunications systems to bring these \nbuyers and sellers together.\n    More fundamentally, and I think this is pretty important to \nunderstand this, by our location in the backup strategies and \nthe redundancy that we have in the overall infrastructure \nsystem, the stores stayed open during the crisis times where \nphysical stores were incapable of opening at that point.\n    I want to also point out that some of the emerging \nsolutions we have are some of the issues around the United \nStates Computer Emergency Response Team, which has just now \nbeen appointed up in Carnegie Mellon University by the \nDepartment of Homeland Security.\n    By bringing the sector coordinators such as Rhonda MacLean, \nthe Information Sharing Analysis Centers, by participation of \nmany of those folks and the work done in PDD-63 with the \nDepartment of Treasury, Department of Homeland Security, we can \nthen continue to move forward and make sure that those \ndisruptions we have seen indeed have minimal impact on our \nability to transact business online and particularly in the \nfinancial sector.\n    In closing, I just want to comment on the fact that one of \nthe, I think, keystone milestones that we are seeing coming \nforth is in the first part of December the Department of \nHomeland Security, in conjunction with many of the folks that \nyou have heard from my colleagues here today are putting on a \nNational Cyber Security Summit out on the West Coast, and this \nsummit will be cohosted by private sector organizations, the \nDepartment of Homeland Security, Department of Treasury, and we \nintend to as a result of that put together a task force which \nwill continue to evolve in a position where the power \nblackouts, the effects of the 
hurricane will have less of an \neffect on the infrastructure we depend on, both \ntelecommunications and the power blackout, and we will continue \nto work on these plans going forward and working with your \ncommittee to make sure that we serve the American public as \nwell as the private sector interests of the country, with which \nwe are both very much in tune.\n    Chairwoman Kelly, this concludes my remarks and I welcome \nany questions that you have.\n    [The prepared statement of Howard A. Schmidt can be found \non page 76 in the appendix.]\n    Chairwoman Kelly. Thank you very much, Mr. Schmidt.\n    Can you tell us the date of that?\n    You just said that you are going to have the Cyber Security \nSummit, but you didn't, I believe, mention the date. Even if \nyou did, let's emphasize it.\n    Mr. Schmidt. I did not. It is in my written testimony. It \nis December 3rd, and the venue is still being worked on by DHS, \nand I understand Secretary Ridge is also having a personal hand \nin putting this very, very valuable summit together.\n    Chairwoman Kelly. Yes, I am sure it will be valuable.\n    We have been talking about a number of problems with IT \nsoftware, as well as the hardware, and I am hopeful that both \nof those will be addressed at that summit?\n    Mr. Schmidt. Yes. As a matter of fact, they are. There are \ntwo specific task forces looking at quality control and \nengineering, and taking the efforts that many of the software \ncompanies and hardware companies have really turned their \nbusiness models around to focus on security and availability; \nas a matter of fact, to the displacement of some of the feature \nissues that we are going to have a complete task force work \nwith those issues to make sure that that gets accelerated.\n    Chairwoman Kelly. 
Given your White House background, I \nwould like to know how the financial sector would have handled \nthe power outage in August differently had it been the result \nof a terrorist attack or if it had been a particular terrorist \nattack on a cyber section.\n    Mr. Schmidt. I think that is one of the interesting points, \nas I tried to point out during my testimony, that many of the \nresources and many of the programs that we put in place \nrelative to the aftermath of September 11 and actually going \nback even to PDD-63 were the same things we needed to do for \ndisaster recovery of business continuity, so therefore had we \nnot had the focus we had over the past 5 years I think it would \nhave been a different story. So whether it is a terrorist \nattack, a cyber attack, I think the steps the financial sector \ntook in preparation of this are the right steps and they \ncontinue to move in the direction to even make this more \nvaluable.\n    Chairwoman Kelly. Thank you.\n    I would like to ask Ms. MacLean, what was, for your group \nand for you possibly and your sector, what was the biggest \nsurprise that you found during the blackout, a problem or \nsomething that worked that you didn't think was going to work?\n    Ms. MacLean. 
I think the biggest--well, it was no surprise \nthat it worked, and that only came because of the amount of \ntesting and focus this particular area, business continuity and \nresiliency, has on our sector in general.\n    I think the biggest surprise for me was in actually setting \non some of the telecoms the issue of dealing with some of the \npersonal inconveniences for people, such as the sanitation \nsystems being dependent on the electric power, and I know in \nour case and some of the New York buildings being on a very \ntall floor was a very inconvenient process, and so making sure \nthat we had good sanitary conditions, together with getting \nfood in to people who had stayed through the night and through \nthe days following the blackout, to make sure everything was \noperational I think was the key thing that--and also making \nsure we had enough flashlights, because that is another area \nwhere you may have backup resiliency but you really do not have \nenough to power lighting, and so you need to have other kinds \nof capabilities there on hand.\n    So it is the people issue again that I think continues to \nhave additional focus in many of our institutions.\n    Chairwoman Kelly. What do you think should be done with \nregard to battery backup? I understand that there were places \nthat had battery backup but then after a while the battery \nsimply expired.\n    Ms. MacLean. Well, for the systems to maintain \noperational--I mean, that runs on large generators, that \nprovided adequate backup. I think the smaller battery backup \njust for a small area I think is where it gets a little bit \nmore complicated and I think we need to look at what are some \nof the alternatives. Again, I think it is more of a people \nissue rather than it is the system. The systems are going to be \nrun through the large generators, which seemed to have \nadequacy.\n    Chairwoman Kelly. 
I am interested in the mix that we have \nbeen talking about, this interrelationship, and you pointed out \nsanitary systems on the upper floors weren't exactly working, \nand Mr. Kanjorski brought up the fact that there were some \nproblems that possibly could have been some problems with \nregard to drinking water.\n    Your sector--or any of you, let me address this to all of \nyou: Are you planning to try to work with the third parties \nthat control these systems to try to put something in place \nfairly soon or do you feel that is just the way it is going to \nbe?\n    Ms. MacLean. Well, let me take a cut at that answer. I \nthink the sector coordinators, there is a sector coordinator \nfor water and power, for emergency, I mentioned Mr. Michael \nGant. There is also a telecommunications sector coordinator, \nand we do meet on a regular basis and this is the focus of a \nlot of our talk in discussions and looking at what are the \ninitiatives we need to have cross-sector to make sure that we \nare working together.\n    The interdependencies is what is at--is the main point that \nwe need to get at, and I understand those intersections of \ninterdependencies, and make sure we have adequate plans in \nplace to address those things.\n    Mr. Kittell. Our best work there is with the New York City \nOffice of Emergency Management, where we get more results with \nthe OEM talking to the water companies than we do talking with \nthe water companies directly. Same thing with telecom in an \nevent like this. So that problem is identified on our list of \nthings that we are chasing down.\n    Chairwoman Kelly. That is good to hear. I suspect we in the \nNew York area have had--obviously, we have had a little more \nexperience in some other areas in dealing with this, but I just \nstill do not think we have it put together. I think it is very \nimportant that these integrations of systems be worked on and \nbe made to work.\n    I have other questions. 
I will submit some of them in \nwriting, but in the interest of time I am going to go to Mr. \nKanjorski.\n    Mr. Kanjorski. I thank Ms. Kelly.\n    Ms. MacLean and Mr. Kittell, one of the most important \naspects of disaster recovery planning for very large financial \nentities and for clearinghouses concerns the maintenance of a \nsynchronized realtime redundancy.\n    As I understand, to address this issue many firms currently \nrely on annual descriptions to the disaster recovery systems, \nbe it known as SunGard and IBM Global Services, but when a \ndisaster strikes at these first, first in line in receiving \nassistance, they may not be first to receive help.\n    What will happen to our markets if all of the disaster \nspace is taken? What could financial firms do to prepare for \nsuch contingencies?\n    Mr. Kittell. Well, I think we had that situation with 9/11, \nCongressman. The backup sites at the companies you mentioned \nwere swamped with all of the firms that were affected by 9/11 \nand they did, I would say, a very good job of not only using \ntheir preplanned space but also giving up their own offices and \ndata centers for use by the firms that needed it.\n    There was also a tremendous--as you know, there was a \ntremendous voluntary effort on the part of other firms in the \nindustry, offering desk space and data center space, and so on, \nin a cooperative way across the industry, so I think we have \nalready had that event. I think as a result of the event the \ncapacity in those backup organizations has been increased, and, \nyou know, depending on the nature of the event to come, we are \ncertainly in much better shape than we were pre-9/11. Whether \nwe could defend against some of the scenarios that people talk \nabout is obviously an open question.\n    Mr. Kanjorski. Do you want to respond along that line?\n    Ms. MacLean. Well, I think Don Kittell has really done a \ngood job of articulating. 
The 9/11 really did--at the end of \nthe day, we did work very, very well, even though we did reach \ncapacity. As a result, though, also, you mentioned the \ninteragency white paper that has been published. Institutions \nare required to look at those recommendations in that white \npaper and are in the process of implementing and assessing \ntheir programs against that, the recommendations made in the \ninteragency white paper.\n    As we go forward, the focus is really to continuously \nimprove and assess your capabilities and ensure that you can \nmeet those 2 and 4-hour guidelines, and I think that is where \nthe real question comes in, is the innovativeness and the \ndifferent capabilities that we can bring to bear to meet those \ntime lines, and that is where the focus is today.\n    Ms. Allen. Yes, I might just address that, too, because we \nhave done work in the outsourcer area, we have viewed them as \nthird parties, and that is part of what this framework that we \ndeveloped for the industry was, to look at present best \npractices that financial institutions need to require of their \nthird-party providers.\n    We actually are having a meeting on this, a conference on \nthis, on outsourcing, on November 6 and 7, and, again, it \nfocused on preparedness, on the requirements, so that \noutsourcers meet the same level of standards that we require \ninternally and to look at where the gaps are, so that we make \nsure that we have enough capacity in the outsourcing industry \nto handle it if we have a major disaster.\n    Mr. Kanjorski. Does that create some unfair competition, if \nsome companies respond by doing the job in accordance with the \nwhite paper and others decide to take the chance not to do it? \nIf a disaster doesn't occur, the latter group gets a \ncompetitive advantage. Of course, if the disaster does occur, \nthe former group gets a competitive advantage. 
And if someone \nlooked at whether or not there was a need for compulsion as \nopposed to voluntarism?\n    Ms. Allen. That is my point. The point about the financial \ninstitutions were all regulated. We all have certain levels of \nregulation or compliance that we must meet, but we oftentimes \ncompete with nonfinancial institutions who do not have to meet \nthe same regulatory oversight or liability or business \ncompliance requirements that we do, and it is one of our \nreasons we focus on outsourcers, to make them meet the same \nrequirements, but they aren't really regulated. It is only at \nour request or our demands that they meet that.\n    Other critical infrastructure facilities that we rely on, \nwe totally rely on in some cases, do not have the same \nregulatory oversight or do not have the same kind of \nrequirements that we do. So that makes it difficult. The \ninteragency white paper is a good example of requiring us to \ncome back up in a certain time period. We can do what we can \ninternal to our walls, but when we are dependent upon the \ntelecommunications or the power industry, we cannot always be \nsure that they will be there.\n    Mr. Kittell. I would comment on that. I do not think firms \nlook at this as a competitive issue the degree to which they \nbuild resilient facilities.\n    The issue that is debated is what events do you defend \nagainst and which ones have a high enough probability that will \nresult in the investment paying off, and that is the debate \nthat takes place between firms individually and with the \nregulators, whether it is the Fed or the SEC or the Treasury.\n    What events have I agreed to defend against and how have I \ndefended against them, and there are some scenarios that some \nfirms freely admit they are not pretending to defend against, \nbut I think that is the primary debate. What do you defend \nagainst and what do you not? It is not a question of \ncompetitiveness, one way or the other.\n    Mr. 
Kanjorski. Thank you very much, Ms. Kelly.\n    Chairwoman Kelly. Thank you.\n    Ms. Allen, I would like to go back and ask you a question \nabout the outsourcing problem that you raised.\n    We talk about cost/benefit, and my next question is going \nto be to this panel on cost about all of this, but one of the \nreasons we see an increase in outsourcing in a number of areas \nis it does cost less.\n    From what you now know, do you believe that there is a \nFederal regulatory position that we should be thinking about \ntaking, with regard to people who do affect our financial \nstructures who are in an outsourced position and perhaps not on \nthe shores of the United States of America?\n    Ms. Allen. I would have to come back with an answer on \nwhether you should take a regulatory perspective. I will say \nthat that is a target. The idea of having industry marks and \nbest practices and requirements of outsources, whether they are \ninside our territory or whether they are in India, China, or \nother places, our financial institutions are requiring the same \nlevel of standards of those two types of outsourcing entities, \nand I think that it is important that a number of the \nregulators will go into major outsourcers, providers that \nprovide the majority of services to the financial institutions \nand actually will examine them. It is on a limited basis, but \nit also is helpful in making sure those outsourcers know they \nare going to be looked at in terms of their capabilities.\n    I would have to come back to you on the regulatory part of \nit.\n    Chairwoman Kelly. When you said that you require the same \nlevel of standards, we have been talking about the fact that we \nhere in the United States, while we do have a lot of standards, \nsome of our standards were deeply affected by the availability \nof power, water, and so forth.\n    Are those levels required of outsourced?\n    Ms. Allen. 
Again, we are asking in the framework, and we \nalso are ready to launch a major, what I call, security \nassessment, it is a matrix. It is standardized, whether it is a \nfinancial institution or a consultant or auditing firm goes in \nand looks at an outsourcer, it is the same questions, again \nwhether they are located in the U.S. or outside the U.S., their \ndependency on power, on telecommunications, having backup \nsystems, making sure they can get people to their sites. So we \nare viewing them just the same as having our own backup system \n50 miles away or 200 miles away. If it is 2,000 or 20 miles \naway, it is the same way looking at that outsource capability.\n    Chairwoman Kelly. Thank you very much.\n    I want to go back and ask you all the same question: Has \nthere been a study, do you have any idea what the cost is, with \nregard to planning, putting in place the things that we need to \nmake sure that the systems, the financial systems in America \nstay up and running despite any kind of a disaster?\n    All of the disaster planning we have done has cost money. \nYour conferences cost money, and this money is currently coming \nfrom the private sector, so we in the Government really, I do \nnot think, have a handle on it.\n    Do any of you have a handle on it and can you tell us what \nthe costs look like, and I am going to start with you, Ms. \nMacLean.\n    Ms. MacLean. Well, there has been a number of different \nstudies that you can--the Gardiner Group I know has done some \nmarking between different institutions where you can get some \ncomparison data about what the investment is with large \norganizations or medium organizations who are looking at their \nbusiness continuity and business preparedness. 
So there is some \nindependent individual studies for the purpose of marking.\n    I am not aware, maybe some of my colleagues here are aware, \nof an overall study that quotes would be a good source of \nsomething, but that is something we surely could look into and \nmake available to you and to your staff.\n    Chairwoman Kelly. I am just wondering about the insurance \nindustry. For instance, they said that the cost of the blackout \ncould be estimated in several billion dollars from what I \nunderstand.\n    I want to know if there has been any objective look at the \nlosses in that sector alone, let alone all the things we have \nput together. So perhaps we could take a look at that.\n    Ms. Allen, would you like to respond to that?\n    Ms. Allen. There are isolated studies, again the Gardiner \nstudy, we ourselves are dimensioning the costs to our industry \nof patch management, what it costs to go back in for the \nSlammer, for the SoBig to fix that, so we have a handle on how \nbig this issue is.\n    We could come back to you, and I will give you some \nisolated studies that I have seen on the cost of business \ncontinuity, cost of requirements to be able to have the kind of \nphysical security you need.\n    We are working with the telecommunications industry right \nnow to dimension the cost to provide the level of diversity and \nredundancy that they now provide to the FAA and if we were to \nprovide that to financial institutions. There aren't numbers on \nthat yet, but we will be happy to share that once we know it.\n    Chairwoman Kelly. Mr. Kittell?\n    Mr. Kittell. Yes.\n    The SIA did a cost study of the Y2K conversion at something \nin the neighborhood of $5 billion over 3 years. 
We did a \nsimilar kind of study for the conversion of decimals, which was \nabout two billion over 2 years, or so.\n    We also did a cost estimate of moving from T3 settlement to \nT1 settlement, of about $8 billion over about a 4 or 5-year \nperiod.\n    These numbers are very gross. They will take into account \nIT and other budgets that are addressing lots of other things \nbesides the specific projects that we talked about, because \nthey get into fundamental infrastructure capacity.\n    It is very hard to isolate one number from another. We have \nnot done a number on business continuity planning over the last \n2 or 3 years, but depending on who is calculating and what \nobjective they are trying to reach, I would say you would see \nnumbers comparable to maybe the decimal conversion or Y2K.\n    Chairwoman Kelly. Thank you.\n    Mr. Schmidt.\n    Mr. Schmidt. Yeah, I do not know of a comprehensive study, \nbut some of the university relationships I have had, I am going \nto go back and ask them to start working on one and ask them to \nprepare for that. But this Eagle Rock Alliance out of New \nJersey has done an hourly breakdown on what the losses might \nbe, and I found that particularly interesting on some of the \ndata points they have got, but the whole issue of the \navailability, part of the service level agreements that many of \nus are now doing--and I believe Catherine mentioned it--with \nour outsourcing partners, that basically we are not only having \nthat as part of the contractual agreement but we are also \nengaging with other companies to do an audit to make sure they \ncan deliver on that. So it is having a cascading effect on some \nof the smaller partners out there, which then gives us a better \navailability later on to say yes, we can deliver within that 2 \nto 4-hour time frame.\n    Chairwoman Kelly. Thank you. 
Would this panel have any \nfinal recommendations for this committee with regard to the \nissue we are addressing today?\n    Ms. Allen. I would just like to commend Congress for \npassing the Defense Production Act with the definition of \ncritical infrastructure industries included in that. I think \nthat was a great step forward for us in prioritization of \nservices.\n    Mr. Kittell. I would say it is appropriate from our point \nof view from a legislative and a regulatory point of view to \nask firms to address the risks that they identify, for example, \nin the outsourcing question earlier, that it is reasonable to \ntake some sort of regulatory action vis-a-vis have you \nconsidered the complications of outsourcing and what have you \ndone with it, as opposed to trying to write--which I think \nwould be very difficult--write some sort of regulatory scheme \naround standards or principles or the way things need to be \ndone, because each firm really has unique resources to play \nwith, unique solutions to defend against these issues.\n    Chairwoman Kelly. My inclination is to agree with you. \nBefore I came to Congress I noticed that every time Congress \nwrote a law it seemed to sort of foul things up a little bit. \nSo maybe we can stay out of that and the industry can deal with \nit. Certainly it seems as though you have been dealing with it \nvery well.\n    Mr. Schmidt, our final comment here.\n    Mr. Schmidt. Yes, thank you.\n    My recommendation would be for the committee to do as it \nhas been doing, maintain the dialogue with those of us in the \nprivate sector that are the owners and operators of this, and I \nthank you for your leadership and the Congressman for his \nleadership in making sure that we, indeed, keep it to where the \nprivate sector can effect the changes without imposing \nregulations that probably do not work.\n    Chairwoman Kelly. 
Good, thank you.\n    This committee thanks all of you for staying here for such \na long period of time. I appreciate it very much, and the Chair \nnotes that some members may have additional questions for the \npanel. They may wish to submit them in writing. So without \nobjection, the hearing record will remain open for 30 days for \nmembers to submit the written questions to these witnesses and \nplace their responses in the record.\n    This second panel is excused, with our great thanks and \nappreciation for your time.\n    I want to briefly thank all the members and the staff for \nthe assistance that they have given us in making this hearing \npossible.\n    This hearing is adjourned.\n    [Whereupon, at 3:52 p.m., the subcommittee was adjourned.]\n\n\n                            A P P E N D I X\n\n\n\n                            October 20, 2003\n[GRAPHIC] [TIFF OMITTED] T2642.001 through T2642.066\n\n</pre></body></html>\n"