[House Hearing, 108 Congress]
[From the U.S. Government Publishing Office]





                   GOVERNMENT AND INDUSTRY EFFORTS
                      TO PROTECT OUR MONEY DURING
                       BLACKOUTS, HURRICANES, AND
                            OTHER DISASTERS

=======================================================================

                                HEARING

                               BEFORE THE

                            SUBCOMMITTEE ON
                      OVERSIGHT AND INVESTIGATIONS

                                 OF THE

                    COMMITTEE ON FINANCIAL SERVICES

                     U.S. HOUSE OF REPRESENTATIVES

                      ONE HUNDRED EIGHTH CONGRESS

                             FIRST SESSION

                               __________

                            OCTOBER 20, 2003

                               __________

       Printed for the use of the Committee on Financial Services

                           Serial No. 108-58


92-642              U.S. GOVERNMENT PRINTING OFFICE
                            WASHINGTON : 2003
____________________________________________________________________________
For Sale by the Superintendent of Documents, U.S. Government Printing Office
Internet: bookstore.gpo.gov  Phone: toll free (866) 512-1800; (202) 512ï¿½091800  
Fax: (202) 512ï¿½092250 Mail: Stop SSOP, Washington, DC 20402ï¿½090001

                 HOUSE COMMITTEE ON FINANCIAL SERVICES

                    MICHAEL G. OXLEY, Ohio, Chairman

JAMES A. LEACH, Iowa                 BARNEY FRANK, Massachusetts
DOUG BEREUTER, Nebraska              PAUL E. KANJORSKI, Pennsylvania
RICHARD H. BAKER, Louisiana          MAXINE WATERS, California
SPENCER BACHUS, Alabama              CAROLYN B. MALONEY, New York
MICHAEL N. CASTLE, Delaware          LUIS V. GUTIERREZ, Illinois
PETER T. KING, New York              NYDIA M. VELAZQUEZ, New York
EDWARD R. ROYCE, California          MELVIN L. WATT, North Carolina
FRANK D. LUCAS, Oklahoma             GARY L. ACKERMAN, New York
ROBERT W. NEY, Ohio                  DARLENE HOOLEY, Oregon
SUE W. KELLY, New York, Vice Chair   JULIA CARSON, Indiana
RON PAUL, Texas                      BRAD SHERMAN, California
PAUL E. GILLMOR, Ohio                GREGORY W. MEEKS, New York
JIM RYUN, Kansas                     BARBARA LEE, California
STEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington
DONALD A. MANZULLO, Illinois         DENNIS MOORE, Kansas
WALTER B. JONES, Jr., North          CHARLES A. GONZALEZ, Texas
    Carolina                         MICHAEL E. CAPUANO, Massachusetts
DOUG OSE, California                 HAROLD E. FORD, Jr., Tennessee
JUDY BIGGERT, Illinois               RUBEN HINOJOSA, Texas
MARK GREEN, Wisconsin                KEN LUCAS, Kentucky
PATRICK J. TOOMEY, Pennsylvania      JOSEPH CROWLEY, New York
CHRISTOPHER SHAYS, Connecticut       WM. LACY CLAY, Missouri
JOHN B. SHADEGG, Arizona             STEVE ISRAEL, New York
VITO FOSSELLA, New York              MIKE ROSS, Arkansas
GARY G. MILLER, California           CAROLYN McCARTHY, New York
MELISSA A. HART, Pennsylvania        JOE BACA, California
SHELLEY MOORE CAPITO, West Virginia  JIM MATHESON, Utah
PATRICK J. TIBERI, Ohio              STEPHEN F. LYNCH, Massachusetts
MARK R. KENNEDY, Minnesota           ARTUR DAVIS, Alabama
TOM FEENEY, Florida                  RAHM EMANUEL, Illinois
JEB HENSARLING, Texas                BRAD MILLER, North Carolina
SCOTT GARRETT, New Jersey            DAVID SCOTT, Georgia
TIM MURPHY, Pennsylvania              
GINNY BROWN-WAITE, Florida           BERNARD SANDERS, Vermont
J. GRESHAM BARRETT, South Carolina
KATHERINE HARRIS, Florida
RICK RENZI, Arizona

                 Robert U. Foster, III, Staff Director

              Subcommittee on Oversight and Investigations

                     SUE W. KELLY, New York, Chair

RON PAUL, Texas, Vice Chairman       LUIS V. GUTIERREZ, Illinois
STEVEN C. LaTOURETTE, Ohio           JAY INSLEE, Washington
MARK GREEN, Wisconsin                DENNIS MOORE, Kansas
JOHN B. SHADEGG, Arizona             JOSEPH CROWLEY, New York
VITO FOSSELLA, New York              CAROLYN B. MALONEY, New York
JEB HENSARLING, Texas                CHARLES A. GONZALEZ, Texas
SCOTT GARRETT, New Jersey            JIM MATHESON, Utah
TIM MURPHY, Pennsylvania             STEPHEN F. LYNCH, Massachusetts
GINNY BROWN-WAITE, Florida           ARTUR DAVIS, Alabama
J. GRESHAM BARRETT, South Carolina


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on:
    October 20, 2003.............................................     1
Appendix:
    October 20, 2003.............................................    33

                               WITNESSES
                        Monday, October 20, 2003

Abernathy, Hon. Wayne A., Assistant Secretary for Financial 
  Institutions, Department of the Treasury.......................     3
Allen, Catherine, CEO, BITS, The Financial Services Roundtable...    18
Kittell, Donald D., Executive Vice President, Securities Industry 
  Association....................................................    20
MacLean, Rhonda, Private Sector Coordinator, Financial Services 
  Critical Infrastructure Protection and Homeland Security, & 
  Director, Corporate Information Security, Bank of America......    15
Olson, Hon. Mark W., Member, Board of Governors, Federal Reserve 
  System.........................................................     5
Schmidt, Howard A., Vice President and Information Security 
  Officer, eBay, Inc., and former Chair of the President's 
  Critical Infrastructure Protection Board.......................    22

                                APPENDIX

Prepared statements:
    Kelly, Hon. Sue W............................................    34
    Abernathy, Hon. Wayne A......................................    35
    Allen, Catherine.............................................    42
    Kittell, Donald D............................................    52
    MacLean, Rhonda..............................................    57
    Olson, Hon. Mark W...........................................    65
    Schmidt, Howard A............................................    76

              Additional Material Submitted for the Record

Olson, Hon. Mark:
    Federal Reserve System letter, October 22, 2003..............    84
New York State Banking Superintendent Diana L. Taylor, prepared 
  statement......................................................    86
U.S. Securities and Exchange Commission, prepared statement......    92

 
                    GOVERNMENT AND INDUSTRY EFFORTS
                      TO PROTECT OUR MONEY DURING
                       BLACKOUTS, HURRICANES, AND
                            OTHER DISASTERS

                              ----------                              


                        Monday, October 20, 2003

             U.S. House of Representatives,
      Subcommittee on Oversight and Investigations,
                           Committee on Financial Services,
                                                   Washington, D.C.
    The subcommittee met, pursuant to call, at 2 p.m., in Room 
2128, Rayburn House Office Building, Hon. Sue W. Kelly 
[chairwoman of the subcommittee] presiding.
    Present: Representative Kelly.
    Also Present: Representative Kanjorski.
    Chairwoman Kelly. This hearing of the Subcommittee on 
Oversight and Investigations will come to order. This afternoon 
we are going to have a hearing on the government and industry 
efforts to protect our money during blackouts, hurricanes and 
other disasters. The blackout which began on Thursday 
afternoon, August 14, left millions of Americans in the dark in 
many ways. Many were stranded at work, wondering how to get 
home. I know many of my own constituents who work in New York 
City couldn't get home that nigh, and there were others that 
were stranded at airports and in other transportation systems 
wondering when to give up, try to find alternatives and try to 
get home through all the dark corridors.
    In the end, major cities from New York City to Detroit were 
without centrally generated power. Airports, water and sewerage 
plants and 9/11 emergency systems were shut down. The 
communications systems pretty much failed. It is now even 
clearer that the technology age that we live in, which allows 
us to provide services and access information in a heartbeat, 
has increased our reliance on power.
    It is imperative now that we review efforts to protect our 
systems and the infrastructure that is ever more entwined and 
dependent on one another. At the heart of critical 
infrastructure is the safety and soundness of the financial 
services sector. Fortunately through all of this, it appears 
that the financial services sector did not suffer any serious 
negative impacts, but we need to use the recent blackout as a 
test to assess the security and dependability of our financial 
systems. Without a doubt, there are lessons to be learned and 
improvements to be made.
    Today we welcome Wayne Abernathy, the Assistant Secretary 
for Financial Institutions at the Treasury Department, who will 
release a special report. If you are looking for it, this is 
what it looks like. He is going to release a special report on 
the impacts of the blackout that will be crucial as to how to 
handle disasters in the future. Assistant Secretary Abernathy 
worked around the clock with many of our other witnesses who 
will be here today to implement backup plans during the 
blackout.
    Joining Assistant Secretary Abernathy on our first panel is 
Federal Reserve Board Governor Mark Olson, who is also very 
instrumental in these efforts.
    Keeping our financial systems functioning and safe requires 
a high degree of coordination between many different and 
important parties, both public and private. The private sector 
witnesses on our second panel are leaders in protecting 
critical financial assets from major disasters. These 
witnesses, along with others in the private sector and 
government who couldn't be represented here today, worked to 
ensure that our money supply and funds flow would not be 
jeopardized. The Depository Trust and Clearing Corporation, the 
New York Stock Exchange, Nasdaq, and associations such as the 
Bond Market Association played key roles to keep the markets 
working during the blackout.
    Many other agencies were also involved in addition to the 
Treasury Department and the Federal Reserve System, including 
the SEC. As the regulator of the Nation's largest financial 
institutions, the supervisor of the New York State Banking 
Department, my good friend Diana Taylor, also played a key 
role. We thank the SEC and Ms. Taylor for their written 
statements which, without objection, we will submit into the 
record.
    [The prepared statement of the Securities and Exchange 
Commission can be found on page 92 in the appendix.]
    [The prepared statement of Diana L. Taylor can be found on 
page 86 in the appendix.]
    Chairwoman Kelly. We really appreciate their statements. We 
look forward to hearing accounts of how our witnesses managed 
during the blackout and how emergency plans for protecting 
critical infrastructure, the ones that have been in place 
before September 11, how they worked. There is no better 
indicator of success of those plans than the fact that there 
was apparently no financial panic either during or after the 
blackout.
    We also want to hear how prepared everyone was for a major 
hurricane and whether they understand what these plans are and 
whether or not Hurricane Isabel had any serious consequences.
    I thank the witnesses for appearing here today and look 
forward to your testimony. Together, I hope we can ensure that 
our financial systems continue to function smoothly under all 
circumstances and the American people will continue to have 
confidence in the financial services sector.
    The Chair notes that there will be members coming from the 
full committee and there will be members coming from this 
subcommittee. So, without objection, all members who have 
statements, questions to ask of the panels, and we ask the 
answers to those questions be included in the record. So, 
without objection, so ordered.
    With that, I will introduce our first panel. We welcome 
Honorable Wayne Abernathy, Assistant Secretary for Financial 
Institutions at the Treasury Department, and the Honorable Mark 
Olson, member of the Board of Governors of the Federal Reserve 
System. The SEC was unable to appear today due to scheduling 
conflicts, so we invited the Commission to submit the statement 
which I have submitted for the record.
    Additionally, I invited Ms. Diana Taylor, supervisor of the 
New York State Banking Department, to submit a statement as 
well about her activities in this area. So, with unanimous 
consent, we have entered their statements in the record.
    We thank you, Mr. Abernathy and Mr. Olson, both for 
testifying before us and we welcome you on behalf of the 
committee. So, without objection, your written statements and 
any attachments will be made part of the record. And, without 
objection, we are going to continue this hearing. I would hope 
that you will give me a 5-minute summary of your testimony, 
because your testimony will--your full testimony will be in the 
record.
    You will now be recognized for that 5-minute testimony. 
When the light changes color, you probably know, you have--when 
it goes from green to amber, you have 1 minute to pull your 
thoughts together and give us a summary. When it goes red, the 
5 minutes is over.
    Chairwoman Kelly. And we will begin with you, Mr. 
Abernathy. It is very--I am very pleased to have you here with 
us today. Go to your testimony now, please.
    [The prepared statement of Hon. Sue W. Kelly can be found 
on page 34 in the appendix.]

 STATEMENT OF HON. WAYNE A. ABERNATHY, ASSISTANT SECRETARY FOR 
       FINANCIAL INSTITUTIONS, DEPARTMENT OF THE TREASURY

    Mr. Abernathy. Thank you, Chairwoman Kelly, and members of 
the subcommittee. It is a pleasure to be here today. I am today 
representing not only the Department of the Treasury, but also 
the Financial and Banking Information Infrastructure Committee, 
or FBIIC. The FBIIC is charged with improving coordination and 
communication among financial regulators, enhancing the 
resilience of the financial sector and promoting communication 
and coordination with the private sector entities that make up 
and operate within our financial services sector. I represent 
the Department of the Treasury in chairing that committee.
    Following recent events, the FBIIC conducted a review and 
compiled a written report that you kindly mentioned in your 
statement, The Impact on the Recent Power Blackout and 
Hurricane Isabel on the Financial Sector, which the FBIIC is 
releasing to the public today, and I submitted a copy of the 
report together with my statement.
    Both in preparation for potential disruptions and in 
responding to actual threats, we are guided by four principles 
in order of importance:
    First, and most important, we must remember in all that we 
do to protect our financial infrastructure, that it is always 
about people. It is the people that make our financial 
institutions work, people that design the systems, people that 
make them successful, people that innovate to keep them fresh 
and dynamic, and it is people whom they are designed to serve; 
people who rely upon financial services for so many aspects of 
their daily lives.
    Second, because it is about people, it is about confidence. 
Our financial institutions operate on confidence, but they also 
promote confidence. In fact, confidence is what our financial 
institutions must provide; confidence that financial 
transactions will be carried out, that checks will clear, that 
bills will be paid, that investments will be made, that 
insurance promises will be kept. The confidence provided by 
financial institutions plays a big part in helping to cope with 
the trauma of disaster.
    Third, essential to that confidence is open markets. 
Financial institutions should be open for business, allowing 
Americans everywhere to engage in their business even during, 
or especially during, times of stress. It is important for 
financial institutions and markets to continue to operate as 
close to business as usual as possible.
    The fourth guiding principle is that we want to promote 
local decision making and problem solving both as we prepare 
for disruptions and as we weather them. The experts that are on 
the ground and in the field are in the best position to 
determine what steps should be taken to protect employees and 
customers. We will help where we can, where we need to, but we 
intend to leave the responsibility with the financial 
institutions and the regulators that are closest to the 
problems to find the solutions. Initiative and ingenuity are 
the most powerful tools to deal with any disruption, and we 
must give full room for their exercise.
    Impact of the power outage of August 14, 15, 2003. The U.S. 
Financial system handled the outage well. The bond market and 
major equities and futures markets were able to open the next 
day for business at their usual trading hours. Neither the 
Department of the Treasury nor any of our companion financial 
regulators received reports of lost data, significant failed 
transactions or other similar problems. Although there were 
isolated reports of telecommunications difficulties, the 
problems were minor and the participants resolved these 
problems during the day. Banks and credit unions also performed 
well.
    Although the impact of Hurricane Isabel was less 
significant in degree, it was quite similar in kind to the 
impact of the power outage. Both resulted in widespread 
disruptions of electric power and the businesses that depend on 
it. However, the storm did not adversely affect the financial 
markets.
    There are several reasons why the U.S. Financial system 
fared so well. First and foremost, the men and women who work 
in the financial system did an extraordinary job. During the 
outage many stayed at their posts to ensure that their systems 
preserved and processed data from trading on Thursday and that 
their systems would be prepared to resume trading the next day, 
on Friday. Almost immediately after the power went out on 
Thursday, financial institutions began asking themselves not 
whether they would open for business the next day, but how they 
could best serve their customers' needs. This commitment to 
serve customers even in times of adversity is important. I wish 
to note that financial institutions decided on their own that 
they would open for business the next day. They did not wait 
for guidance from Washington.
    There are many other things that we learned in terms of 
problems that we need to resolve. Perhaps the most important is 
the way in which our financial services sector depends on 
several others. For that reason, I would say even though the 
U.S. Financial system is more resilient today than it was a 
year ago, the men and women who work in the system help make it 
so and they are the ones continuing to work on the problem 
today.
    Our job is not finished. It is a big job. To paraphrase 
Winston Churchill, we are not at the end or even at the 
beginning of the end, but we might be nearing the end of the 
beginning. Americans and the world can rely with increasing 
confidence on the U.S. Financial system. Thank you.
    Chairwoman Kelly. Thank you very much, Mr. Abernathy.
    [The prepared statement of Hon. Wayne A. Abernathy can be 
found on page 35 in the appendix.]
    Chairwoman Kelly. Mr. Olson.

  STATEMENT OF HON. MARK W. OLSON, GOVERNOR, FEDERAL RESERVE 
                             SYSTEM

    Mr. Olson. Thank you very much, Chairwoman Kelly. Thank you 
also for inviting us and thank you for holding this important 
hearing. My comments will be very similar to Wayne Abernathy's 
and very similar to the summary that you just went through with 
respect to the impact on the financial services industry. My 
focus will be from the vantage point of the Federal Reserve 
System and on the banking industry. And to repeat what you 
said, the markets remained calm and by and large and the 
citizens remained calm. Disruptions were relatively minor, more 
so I think as a result of the power outage than the hurricane, 
so I am going to focus a little bit more on the power outage 
and a little less so on the impact of the hurricane.
    I think to start off, it is important to remind ourselves 
the fact that the disruptions were minor was not accidental. 
The banking industry has been faced with business disruptions 
over the course of its history and we had learned that business 
interruption is a fact of life of managing the financial 
services system. As a result of that, we make business 
continuity planning a very important part of our expectation 
for banking executives and we examine for the capacity and the 
capability of business continuity planning.
    Also, I think it is important to remember that the events, 
first of all of Y2K and then the tragedy around September 11, 
2001, has introduced elements of risk exposure with respect to 
business continuity that have required that we elevate the 
level of our preparation.
    With specific focus on the power outage, as you recall, it 
occurred very late in the day on Thursday at about 4:11 or so, 
and the capital markets had closed, but very quickly the 
markets indicated that they would be open the following day, on 
Friday. As you probably know, banks are not allowed independent 
discretion as to whether or not to open during the normal 
banking day, but both the Comptroller of the Currency and many 
of the State bank commissioners very quickly allowed for 
closings should they be required. Our indication is that only 
perhaps a dozen banks in the entire impacted area closed, and 
that would be a dozen out of a universe in those States perhaps 
between 500 and 700 total institutions. So it was very small.
    The liquidity of the markets was relatively unimpacted. The 
Federal funds market was impacted slightly and there was some 
volatility and that had to do with the fact that the Federal 
funds market is the interbank borrowing/lending vehicle and 
many of those transactions do not settle until the end of the 
day. So those were about to settle about the time that the 
power outage occurred. And so while there was volatility, it 
was not significantly disruptive. Also the following day, on 
Friday, as a result of the carryover, there was some volatility 
also.
    From the consumers' point of view, the major impact was 
access to ATM machines. Some ATM machines remained open either 
because the branch had backup power or because the ATMs were on 
battery power. Consumers in general are not unused to 
experiencing some kind of disruptions with respect to access to 
ATMs. ATM machines are increasingly ubiquitous so it is not our 
perception that there were major problems. There are five 
separate Federal Reserve facilities in the area of the power 
outage. All of them had backup power from generators and all of 
them were fully functioning. As far as we know--and this is 
exactly what Wayne said--we are not aware of any financial 
records that were destroyed in the process.
    With respect to Hurricane Isabel, the major advantage in 
preparation was that it was well anticipated. And as a result, 
there was more extensive advance preparation, and that was 
evident. And key, of course, was the communication. In terms of 
the agency coordination, we could see evidence of coordination 
on three levels almost immediately from the vantage point of 
the Fed. There was communication immediately among the Fed 
institutions and also among the agencies, the FFIEC and then 
more broadly among the Federal Government agencies, so the 
coordination was very strong.
    Lessons learned: Probably the most important lesson learned 
from our perspective is that the best response is to be well 
prepared. It is a variation of a good offense is the best 
defense. But clearly as a result of the preparation, the 
anticipation of the reverse of what could go wrong helped limit 
the disruption.
    Point number two, communications was important. And you can 
quantify to an extent the value of good communications. The 
Treasury markets for example were opened longer than the equity 
markets and the Treasury market dropped about 10 basis points. 
Long bonds dropped about 10 basis points almost immediately. As 
soon as the announcement was made that the outage was not as a 
result of a terrorist activity, the markets responded very 
quickly by returning to the pre-outage level. And that is a 
strong indication of the value of good communication. In 
addition to the announcement that the markets would open again 
on Friday these two announcements, went a long way I think in 
helping calm the general public.
    I think another important lesson learned is the need not 
just for an immediate backup facility, but the ability also to 
provide for what might happen if that backup facility is 
required to stay functioning for some period of time; for 
example, availability of a fuel source for institution using 
generators.
    Chairwoman Kelly, we were very proud of the fact that 
within the Federal Reserve System a number of our employees 
came in on Thursday and Friday during the hurricane, many of 
whom stayed overnight. I would like to submit their names for 
the record and make it a permanent part of this hearing.
    [The following information can be found on page 84 in the 
appendix.]
    Chairwoman Kelly. So moved.
    Mr. Olson. And that concludes my opening remarks, and I 
would be happy to answer any questions.
    [The prepared statement of Hon. Mark W. Olson can be found 
on page 65 in the appendix.]
    Chairwoman Kelly. By all means, do submit the names of the 
people who did spend many hours apparently sleeping on the 
floor or working all night long. If you will get that to my 
office, we will try to see that they get some recognition and 
thanks for what they did. It is imperative for the U.S. economy 
that the markets stay open and that the banks stay open, so I 
am delighted to be able to acknowledge their efforts.
    Thank you, Mr. Abernathy, for your testimony. I want to 
remind both you--both of you and the panelists for the next 
panel, I not only sit here on the Financial Services Committee, 
but I am also on the Transportation and Infrastructure 
Committee. And I was very interested in some of the testimony 
today that I was reading about the fact that there were some 
infrastructure problems here. I think we need to put our heads 
together and work to make sure it is just not the power grid 
going down that was the problem. From what I understand, there 
were issues like potable water and transportation issues with 
regard to getting fuel where it needed to go to keep the 
generators going, things like that.
    I would be very interested in working with both of you and 
with our next panelists on addressing specifically what went 
wrong to see if there is something I can do to help that 
situation from a transportation and infrastructure decision as 
well. So thank you very much.
    I just want to ask a few questions here of both of you. I 
would like to get a few details about your activities and those 
of the staff.
    Mr. Olson, you told us your staff was there. I would like 
each of you to tell me where you were when the August 14 
blackout occurred. I am more interested in that because it was 
a sudden occurrence. We had a lot of preparation. We knew the 
hurricane was coming, so people could prepare for it. But with 
a blackout, that is a sudden act and equal to something that 
could be akin to a terrorist act. So to me, it is very 
important to know how this all worked.
    And I agree with you, Mr. Olson, in your statement. I 
believe in this instance with regard to the financial services 
of America, the Boy Scout motto is the best: Be prepared.
    With that in mind, tell me where you both were on the 
afternoon of August 14, and I would like to know whether or not 
you were able to be in communication with the other regulators 
and the private sector counterparts, what worked and what 
didn't work for you. If you could develop that for me, I would 
appreciate that.
    Mr. Abernathy. If I may begin, Ms. Kelly, it is very 
fortuitous, that particular day we had chosen ahead of time as 
an opportunity to test one of our backup facilities and I was 
actually at one of the Treasury Department's backup facilities 
testing our ability for me to do my job from a location other 
than at main Treasury when this additional test occurred. And 
one of the aspects of the test that made it very rewarding to 
us was that it presented a compound question: Can we not only 
operate from that backup facility but can we operate in a 
crisis situation? And the answer is yes. I was able to do 
everything I could have done from my office in main Treasury at 
this backup facility. I was in constant communication with the 
other regulators. I was in regular communication with the 
financial services sector. I could contact the different 
regulators and ask them how are your markets doing, any 
disruptions, and I was very pleased that we are able to test 
both our ability to coordinate but also coordinate from an 
unusual site.
    Chairwoman Kelly. For you, what the systems were that you 
had in place at that time, they worked as far as you could see?
    Mr. Abernathy. Yes.
    Chairwoman Kelly. Mr. Olson.
    Mr. Olson. It occurred late afternoon on the Thursday. And 
in response to your comment about the Boy Scout motto, ``Be 
Prepared,'' I was fortunate that our resident Eagle Scout, 
Steve Malphrus, was available and he came into my office and 
indicated that there had been a power outage. As a result of 
some of the preparation that we had been through and as a 
result of the prioritizations that we had done previously, our 
first question was, are our people all right? That was the 
first that we have--as a result of the preparation we have 
done, that is--that is the first question we asked.
    Second question we asked, are the Fed facilities 
functioning? And we determined fairly quickly that they were 
functioning.
    I think priority number three was to focus on Fedwire. 
Fedwire is the large dollar payment system, and because of the 
fact for the most part the telecommunication system continued 
to work, Fedwire worked very well. We then initiated 
coordination with the other agencies. And as a result, we were 
able to learn fairly quickly that, for example, the OCC had 
given its pronouncement with respect to opening the following 
day. In terms of the priority, it was people, systems, 
facilities.
    Chairwoman Kelly. Thank you. Each of you spent a number of 
years dealing with disaster planning in the financial services 
sector. I would like to have you grade where we stand now and 
how far we have come.
    Let us start with how far you think we have come in terms 
of the grading scale. On a scale of zero to 10, with zero 
representing the most vulnerable and 10 representing the total 
fixing of the problem, the ideal, we had some vulnerabilities 
which may have gotten fixed over the Y2K problem, but I would 
be interested in your rating where we were and where we are now 
just on a scale of 1 to 10 to kind of give me an idea of what 
we need to do here.
    Mr. Abernathy. Well, I think that presupposes a level of 
precision beyond where we are, but let me try to address the 
question this way. We certainly have been building upon 
preparations that have been in place over a number of years, 
and this is not something that the financial services sector 
woke up to in 2001. As you have correctly pointed out, a lot of 
what we rely upon today began in preparation for the Y2K 
phenomenon. And that built upon other efforts that had already 
been in place. We have financial institutions recognizing a lot 
of their strength comes from their reliability, and the 
reliability depends on the ability to operate when there is a 
disruption.
    But each year has added to the ability to deal and cope 
with a new challenge. Each new challenge presents some new 
challenge that we didn't have before. I think what we have 
learned from the blackout was the more significant degree of 
interrelationship between the different infrastructures, as you 
pointed out, how communications and transportation, how water 
and other infrastructure tie into the ability of the financial 
infrastructure to operate and how they are interrelated. That 
is something we are probing now more than we did a few months 
ago, although we had been doing some of that up to that point. 
Probably the best I can do with regard to numbers, I would say 
we are much closer today to 10 than we are to zero.
    Chairwoman Kelly. Mr. Olson.
    Mr. Olson. Let me just elaborate a little bit on that. 
First of all, I think that if you would have asked the 
question, for example, in 1999, the scale of 1 to 10 would have 
been--would have covered a limited range. Our understanding of 
the range of potential catastrophes is now much broader than it 
was then. We have a wider universe of potential issues.
    Let me give you one specific example. Prior to September 
11, in most of the business continuity planning that was done 
in the banking industry around the country, the expectation was 
that people would be there. Now as a result of 9/11, we 
recognize that we now have to plan under the assumption that 
perhaps the people won't be.
    So I think we are still quantifying the extent to which we 
fully understand the risk exposures. I would say an 8 or a 
scale of 10 in terms of where we are now, because I think what 
we are doing better now than we had done before is that we have 
taken seriously all the planning and the need for additional 
testing and conducting some dry runs. I think Wayne Abernathy's 
experience, that he just described at Treasury, is typical of 
the way we are now managing that risk exposure.
    Chairwoman Kelly. Thank you.
    Mr. Olson, I just want to ask one question about another 
piece of your testimony. You said that most--there were many 
ATMs that were affected, but where they were located in banks 
and so forth, they were up and running. There are ATMs now in 
supermarkets, in little corner grocery stores, at a bodega, 
whatever. When the power went down I would have to assume that 
those were the ATMs that were affected, were they not?
    Mr. Olson. Probably. If they didn't have some kind of a 
backup power facility, either a generator or battery, those 
probably would have been the ones affected. Even within the 
banking industry, there are some ATMs that do not have a 
generator backup facility or battery backup facility, but there 
are some kiosks, for example, where there are ATMs. So some of 
those might have been out also.
    Chairwoman Kelly. I am wondering if it would be a function 
that perhaps we should consider--perhaps you should consider. 
We certainly don't need a law, but as you say, be prepared. We 
should help the public be prepared. And I am wondering if we 
should ask the people who own ATM machines that did not have 
backup power to post a notification that in the event of a 
blackout the ATM will not work, so that people understand that 
they can't in a blackout go to those machines and expect them 
to work. I don't know how many lives that would affect, but it 
seems to me we should let people know what they got, because 
many people do rely on a regular basis on the ATM being 
available, and certainly people did try to get money from ATMs 
in places in New York City and in my district and they were not 
working. I don't know what you think of that. Maybe you would 
like to tell me.
    Mr. Olson. I think it is an excellent question. And I would 
like to look into it and get back to you regarding what we have 
learned from that experience and the extent to which people 
were--the extent to which they were disadvantaged and the 
extent to which they were aware of alternatives and could 
access those alternatives. But we would be happy to follow up 
and get back to you on that.
    Chairwoman Kelly. My concern is if it is in fine print when 
you sign up to get an ATM card, you are not going to notice 
that. But if it is printed on a sticker that is on the machine 
somewhere that it will not function during a blackout, that is 
a good thing for all of us to know. I think it is a good thing 
for all of us to know.
    Mr. Olson. There may be implications to that that aren't 
occurring to me at the moment, but we will look at that very 
carefully and be happy to respond.
    Chairwoman Kelly. There are two other questions I would 
like to ask and then we will go to Mr. Kanjorski.
    Mr. Abernathy, what impact did the move of the Treasury 
personnel to start the Homeland Security Department have on the 
Department's capabilities with regard to disaster planning and 
recovery?
    Mr. Abernathy. As you know, Madam Chairman, we are in the 
process of the Homeland Security Department getting on its 
feet. But already in its early stages, I think one of the 
benefits we had was in this question of interrelating one 
particular sector with another, so that as we were looking at 
the financial services sector and finding out why certain 
operations continued to operate, they told us, well, we can 
keep going for x number of hours but we are going to run out of 
fuel at some particular point. We can take that question then 
to the Homeland Security Council and say the financial system 
is working well, but we may need fuel oil to be able to power 
generators or diesel. And so we could go to them and, say, 
bring that problem and they can deal with it and understand the 
importance of it and have in place systems to deal with that. 
So I think it helped in the process of connecting the different 
sectors together.
    Chairwoman Kelly. Good. That was part of the effect that we 
hoped would happen.
    The other thing I would be interested in hearing is have 
you done any--just sort of prior simulations of a blackout in 
any--I mean, this was not a simulated blackout on August 14, 
but are there simulations that you have run? Did you run one in 
New York City? And this is for both of you. I am interested in 
what magnitude, if you did run simulations, what the magnitude 
was and whether or not that actual blackout experience we had 
met what the parameters were that you had set in place if you 
had run those simulations.
    Mr. Abernathy. We have participated in a number of 
simulations, some of which we sponsored, some of which have 
been sponsored by other agencies of the government. I don't 
recall that any of the ones that we participated in envisioned 
a blackout affecting 50 million people stretching from New York 
City to Detroit. I will say this, though, and I made the 
comment frequently afterwards to our staff and others as we 
looked at how we dealt with the crisis. We were able to deal 
with the problems related to the crisis not because we had 
practiced that particular simulation before, but because we had 
gone through a different number of simulation exercises, we had 
learned to deal with the unexpected and we learned how to 
communicate with one another and work through problems that we 
hadn't envisioned ahead of time. And that kind of exercise, the 
fact that we have gone through a number of different 
simulations, really paid off very well during the blackout.
    Chairwoman Kelly. I am sure probably what you had done went 
a long way to keeping consumer confidence in the market.
    Mr. Olson, do you want to answer that?
    Mr. Olson. I could repeat exactly what Wayne said, but let 
me give you an example of how it worked in the financial 
services industry. When the tragedy of September 11 occurred 
and airplanes couldn't fly and there was a tremendous amount of 
disruption in the economy, what we discovered, what financial 
institutions discovered, is they went back to the business 
continuity planning that they had done for Y2K and took all of 
the disciplines from the Y2K preparation, and those disciplines 
were immediately effective for them on 9/11.
    And so that is a good example of how you plan for business 
disruption, but not necessarily for a specific one, but the 
planning has multiple benefits when you plan broadly.
    Chairwoman Kelly. Thank you very much. I want to again--I 
want to hold this report and tell you I read the draft report 
on this and I was very, very impressed with the ability that 
you had in place already before that blackout to hold things 
together, let the markets continue to function. Of course, we 
were lucky because it happened at the end of the trading day in 
some instances; but having that report, I think, should go a 
long way to a certain stability and peoples' expectations with 
regard to anything else if we have another blackout.
    I am going now to Mr. Kanjorski.
    Mr. Kanjorski. Thank you Madam Chairman.
    Mr. Abernathy, you discussed the fact that the American 
Stock Exchange remained closed for most of the following day 
after the August blackout. How will the interagency paper 
finalized earlier this year and in the process of being 
implemented by the private sector help to ensure that similar 
events do not occur in the future as major financial entities 
work to establish their backup facilities required by this 
guidance? What are the most important issues for them to 
consider with respect to electricity, telecommunications, 
transportation and water resources?
    Mr. Abernathy. I think those are the key elements to look 
at. The purpose of the white paper--we didn't participate in 
the drafting of the white paper, although we are the consumers 
and commentors on it--that was a project of a number of the 
financial agencies themselves. But what we have learned from 
that and how it applied in the blackout is there are a number 
of things you can do to deal with the foreseeable, such as 
providing distance, providing training for personnel, making 
sure that you have not only facilities located in another 
place, making sure your backup system may not be exactly the 
same place as someone else's backup system is. One of the 
problems we discovered in 9/11, a lot of people had backup 
facilities, but they all had the same ones. They were sharing 
the same backup facilities.
    So one of the things we learned through the white paper is 
not only ask what are your backup facilities, but how much do 
they overlap with someone else's. And sometimes the backup is--
requires a backup to the backup, and that is a case that we 
have in some of the financial institutions. We have a first set 
of backup facilities in place, but the backup to those are now 
coming on-line as well, which will further reinforce our 
ability to switch. The other thing is make sure you have the 
personnel available to run these facilities.
    And time, I guess, is the other factor, I would emphasize. 
Not only do you have the backup facility, but how quickly can 
it come on line. The more quickly you can bring your backup 
facility on line, the more quickly you can limit the damage 
from a disaster, and, particularly if it is a terrorist attack, 
the more you can take away the fruits of that terrorist attack 
that the terrorist is looking for. The terrorist is looking to 
disrupt our ability to engage in commerce. The more quickly you 
can bring your backup facilities on-line, you can deny that 
terrorist what he is trying to obtain.
    Mr. Kanjorski. Is there any task force that has the 
Congress's participation in the white paper or the interagency 
paper in terms of whether we are getting there, whether we are 
covering everything? As I understand the interagency paper, it 
states that a facility must be located beyond 50 miles of 
Manhattan, and I suspect that that is in order to provide for a 
nuclear blast. In case the city was struck by a nuclear weapon, 
they would want to be more than 50 miles out of the territory.
    Mr. Abernathy. If I could make one comment, I think the 50 
miles was in the original draft paper and since has been 
replaced with a more subjective requirement that you should 
have adequate distance or adequate time. The goal is you are 
able to get your system back up within certain time frames.
    Mr. Kanjorski. Within 2 hours.
    Mr. Abernathy. Right. It may be that distance provides 
that. It may be in a financial institution you don't need the 
distance, you just need to have separate types of electronics 
or personnel.
    Mr. Kanjorski. Is somebody putting guidance together? What 
happens if I am handling a large part of the trades on the 
markets and am 10 miles away but within the blast zone? Is that 
considered a backup facility?
    Mr. Abernathy. Those issues are the ones we wrestle with 
every day. And I would say the follow-up entity to carry out 
those recommendations would be the FBIIC, that on a regular 
basis compares notes with one another, encourages each 
particular financial agency to be working with their regulated 
entities to see how they are doing and implementing those 
guidelines that are put in place in the white paper; reviewing 
to what extent the guidelines that are in the white paper and 
other guidelines have become out of date due to new things we 
know as a result of the infrastructure as well as changing 
technologies.
    Mr. Kanjorski. Well, the August blackout was very 
informative in terms of comparing that overlay with the 
original thinking in the interagency paper. If you look at it 
and making the assumption that the 50-mile radius is the 
intelligent radius to be away from your major facility, then 
you look at what happened to electricity and find out that 
about half of the zone that you could relocate in, that was in 
the same power grid. So obviously that wouldn't be a retreat 
area.
    And then the most significant part I think is the 
watershed. New York City is served with both the Hudson 
watershed and Delaware watershed. And in case of biological 
attack, it would seem to me if I were a terrorist, I would go 
way upstream and I would blank out a good half to two-thirds of 
acceptable area that backup facilities could be located in.
    Is somebody testing the judgments of the companies that are 
making the decision to put a continuity business facility in 
place, or are we relying totally on their judgment to do that?
    Mr. Abernathy. That is something in particular that 
Governor Olson can talk about. What we understand from the 
financial regulators, that kind of judgment is a constant 
source of discussion between the financial supervisors and the 
people they supervise. There is a discussion that continuously 
takes place in the examination process as well in the process 
of implementing and designing sources of resiliency.
    Mr. Kanjorski. Governor, do you want to pass on that?
    Mr. Olson. I will support what Wayne Abernathy said. As 
part of the supervision that we would do for financial 
institutions, as we would examine their business continuity 
planning. The FFIEC, the coordinating group, recently expanded 
the criteria that we use in our examination of business 
continuity planning from the banking industry. But you hit on 
the key ones. Environmental is certainly one. Infrastructure is 
certainly one. Availability of people is another one. And the 
impact, for example, of an evacuation would be another one that 
would be used. And since post-9/11, we have expanded the 
expectation.
    But there are two keys. First of all, and the most 
important one, is people. Are you allowing for the safety of 
the people? And point number two, it is the speed of recovery 
to get the systems back on track. So as Wayne Abernathy 
suggested, the idea of a specific mileage implication to it or 
criteria to it is less important than to be able to demonstrate 
the capability to respond.
    Mr. Kanjorski. One of the areas I noted in watching the 
various plans is the lack of adequate infrastructure for 
telecommunications for relocation sites. Most of these 
institutions have to have merit data recording, which means 
they have to use fiber optics and they are restricted to the 
speed of light, so they are restricted as to how far out they 
can locate from Manhattan. And I think the parameter for most 
of the technology companies that I have talked to is about 125 
miles from Manhattan. The problem that is occurring, however, 
is some areas that are viable for continuity of business 
relocation sites do not necessarily have in place the fiber 
optic systems to carry the transactional load that would be 
required for continuity of business backup.
    I guess my question to you is, are we going to do anything 
in the homeland security bill or appropriations to either 
assist utility companies or communication companies to lay that 
fiber optic, or is that going to be the sole burden of the 
companies that want to locate facilities?
    Mr. Abernathy. I can't really respond to what is in the 
appropriations bill with regard to telecommunications. That is 
not something----
    Mr. Kanjorski. To my knowledge there is nothing.
    Mr. Abernathy. But I would like to emphasize, though, that 
you are exactly right that telecommunications plays an 
important role on how we run our financial services. Of all the 
other different systems that interact with the financial 
services, I would probably place telecommunications right at 
the top. And one of the things we are engaged in and looking at 
very carefully is how dependent we are, and how building up 
redundancies in the telecommunication system can be brought 
forward, keeping in mind how important that is.
    Mr. Kanjorski. Even, Mr. Abernathy, getting an inventory of 
systems in place. Many companies refuse to disclose the 
locations or distances of their fiber optic systems. And it is 
difficult for someone to cite a continuity of business 
location, not knowing what the route is or the difficulty of 
the distance to the relocation site.
    All I am raising is that there is a need for a little more 
comprehensive activity on the part of Treasury, the Federal 
Reserve, and the other regulators that are involved to make 
sure that we get some redundancy and we get some cooperation 
between other Federal and State agencies with the private 
sector to make sure the infrastructure is available for 
companies to make the proper decision as to when they can 
locate, where they can locate, and how quickly they can be back 
up in business.
    Mr. Abernathy. I would say that interrelationship is the 
number one lesson we learned from the blackout, which is the 
interrelationship of all the different systems.
    Mr. Kanjorski. Tell me we are moving very quickly and in 18 
months we are going to have all those continuity of business 
locations.
    Mr. Abernathy. We are working very hard on it.
    Mr. Kanjorski. If we want to work with someone at Treasury 
or the Federal Reserve, who should we be talking to?
    Mr. Abernathy. In the congressional office, John Duncan 
would be the person for Treasury.
    Mr. Olson. In our case, Steve Malphrus, who happens to be 
here, but he is the communications point.
    Mr. Kanjorski. He is the guru.
    Chairwoman Kelly. Thank you. I would like to simply say 
that representing the area that I do, which is 50 miles north 
of New York City and the entire lower third of New York City's 
drinking systems plus major manufacturing, IBM, huge number of 
things in my district, we have addressed some of these things. 
And I think Mr. Kanjorski's question about somewhere, even if 
it has to be kept at an above-secret level, there ought to be 
some kind of an inventory, that is not a bad question. But I do 
know that some of this has been addressed, because I also 
represent the Indian Point nuclear plants and we have looked at 
not only evacuations but some of these other questions that had 
been raised.
    I would hope that we can work with you both if you have 
needs with regard to infrastructure, so we can make sure we 
have what you need and we can work together.
    The Chair notes that some members may have additional 
questions for the panel. They may wish to submit them in 
writing. Without objection, the hearing record will remain open 
for members to submit questions and place responses in the 
record.
    This panel is excused with the committee's great 
appreciation for your time. Thank you very much.
    I would like to introduce our next panel. First is Ms. 
Rhonda MacLean, Private Sector Coordinator, Financial Services 
Critical Infrastructure Protection and Homeland Security 
issues, and the Director of Corporate Information Security at 
the Bank of America; Ms. Catherine Allen, CEO of BITS, at the 
Financial Services Roundtable; Mr. Donald Kittell--hope I 
pronounced that right--Executive Vice President of the 
Securities Industry Association; and Mr. Howard Schmidt, Vice 
President and Information Security Officer at eBay, and the 
former Chair of the President's Critical Infrastructure 
Protection Board. We thank you all.
    Chairwoman Kelly. And we will begin with you, Ms. MacLean.

   STATEMENT OF RHONDA MACLEAN, PRIVATE SECTOR COORDINATOR, 
   FINANCIAL SERVICES CRITICAL INFRASTRUCTURE PROTECTION AND 
    HOMELAND SECURITY, AND DIRECTOR, CORPORATE INFORMATION 
                   SECURITY, BANK OF AMERICA

    Ms. MacLean. Thank you, Chairwoman Kelly and Representative 
Kanjorski, as well as members of the subcommittee for inviting 
me here today for this important hearing. I am honored to be 
here to speak on behalf of the financial services sector and my 
role as the Department of Treasury-appointed Private Sector 
Coordinator for Critical Infrastructure Protection. The 
financial sector chose to form a Financial Services Sector 
Coordinating Council with the public sector support and 
encouragement and with Treasury's leadership.
    I want to recognize Treasury Assistant Secretary Wayne 
Abernathy and Deputy Assistant Secretary Michael Dawson for 
their instrumental leadership in promoting and supporting our 
efforts for an effective public-private partnership. It has 
really served as a model for other sectors such as 
telecommunications and energy and the like. The council 
consists of 25 organizations that through their constituents 
represent the majority of the financial services sector. These 
organizations include key national exchanges; clearing 
organizations; trade associations in the banking, securities, 
bond, and insurance segments of our industry; and key 
professional institutes.
    Information provided in my written testimony identifies the 
members of our council and additionally includes a diagram 
depicting an extremely important aspect of why we believe our 
sector has such an effective and real public-private 
partnership at the sector level.
    As Mr. Abernathy indicated, the public sector has formed 
the Financial and Banking Information Infrastructure Committee, 
the FBIIC. And periodically both members of our council and the 
committee need to discuss and work together to address sector-
wide issues and initiatives that focus on strengthening the 
resiliency of our sector.
    Our councils work on five strategic areas and I will 
briefly discuss each of those:
    First is the information and dissemination and information 
sharing. Our goal here is to provide a universal service for 
disseminating trusted and timely alert and warning information 
to all sector participants. We believe that this type of 
information sharing will continue to increase the general 
overall knowledge about physical and cybersecurity operational 
risks that face our sector. We have gone from approximately 70 
financial institutions receiving this important information to 
now over 8,000 who are receiving this information today. This 
significant step forward in our goal was accomplished through 
the many council members leveraging their constituents' 
contacts to distribute the critical alerts. Our next generation 
ISAC will continue to improve on this information dissemination 
directly to the financial institutions themselves. The sector 
awareness and outreach activities we are implementing is a 
program for homeland security and information--critical 
infrastructure protection initiatives that include regional 
forums. The local and regional efforts are in most cases the 
front lines in the times of crisis and are an important element 
in the overall communications flow during the times of crisis 
coordination and crisis management. The council also has a 
research and development task group that is working with 
Treasury to determine priority for research and development 
needs of our sector. We have also been working on our Sector 
National Strategy to revise that document in response to the 
two national strategies President Bush released in February. 
This is our vehicle to really define tactical, actionable and 
measurable programming to direct and advance our sector-wide 
critical infrastructure and homeland security efforts for the 
resiliency of our sector.
    Lastly, the subject of this hearing has focused on the 
council's efforts around crisis and response management. When 
events occur with broad sector or national impact, a plan and 
adopted approach for sector-wide crisis management must exist, 
including coordination with government entities and other 
critical infrastructure sectors on which we depend. At a sector 
level the council uses a crisis communicator capability 
developed and supported by BITS that allows council members to 
convene in times of emergency. Timely communication and 
effective coordination is essential to ensure the financial 
sector maintains its resiliency and ensures public confidence. 
We have had numerous opportunities to trust our crisis 
management procedures at a local, regional, and sector level. 
If we examine the August blackout, which had larger geographic 
impact than Hurricane Isabel from a power outage perspective, 
we came through those events beautifully but also with the 
lessons learned as described before.
    As sector coordinator I was able to participate and receive 
information from numerous activities led by council 
associations, clearing corporations, and Treasury-led 
government teams. Additionally, because of the close working 
relationship developed among sector coordinators while working 
together on critical infrastructure protection initiatives, our 
sector received regular updates on restoration activities. In 
the case of the blackout, Mr. Michael Gant, sector coordinator 
for the electric power, provided regular updates and outage 
progress and really worked with us in our coordination effort. 
This level of direct communication was invaluable as efforts 
occurred to evaluate the situation and plan next steps.
    This past Thursday and Friday our council held its regular 
quarterly meeting in New York City where lessons learned were 
discussed by the council and FBIIC with the New York Office of 
Emergency Management. It was clear that the blackout allowed 
many organizations to apply crisis communication and management 
improvements post-9/11. The council members decided to work on 
identifying the various calls that now typically occur in times 
of crisis and will use the blackout experience as a case study. 
The sector-wide effort being undertaken by the council will 
seek to identify opportunities for improving sequencing of 
these calls and other options for better information flow and 
emergency communications. This effort will be coordinated with 
our public sector colleagues and other sectors upon which we 
have specific dependence.
    My two colleagues on this panel, whose leadership for our 
sector has been instrumental in the formation of the council 
and leadership within the council, will be speaking on some of 
the outstanding work their organizations have accomplished and 
specific lessons learned from both the blackout and Hurricane 
Isabel, together with recommendations.
    Ms. MacLean. In summary, Chairwoman Kelly and members of 
the committee, we believe that a strong public/private sector 
partnership is the primary reason for our success. The 
Government and the private sector's coordinating efforts during 
the recent power outage and storms demonstrated the 
preparedness work done by many organizations that have yielded 
very positive results. These efforts have helped to ensure our 
critical efforts are resilient and we are worthy of maintaining 
the public confidence.
    Thank you for your opportunity to testify.
    [The prepared statement of Rhonda MacLean can be found on 
page 57 in the appendix.]
    Chairwoman Kelly. Thank you, Ms. MacLean.
    Ms. Allen.

STATEMENT OF CATHERINE ALLEN, CEO, BITS, THE FINANCIAL SERVICES 
                           ROUNDTABLE

    Ms. Allen. Thank you, Chairwoman Kelly and Congressman
    Kanjorski and other members of the committee, for the 
opportunity to testify. I am Catherine Allen, CEO of BITS, a 
not-for-profit industry consortium of the 100 largest financial 
institutions in the U.S. BITS is the sister organization to The 
Financial Services Roundtable, and our mission is to serve the 
financial services industry where it interfaces between 
commerce, technology and financial services. We are not a 
lobbying organization.
    Our work is shared not only among our members but 
throughout the financial services sector, and you will see that 
in a minute. I experienced firsthand the outage. We were in 
Detroit at BITS meetings and experienced not having water, 
power, telephone and many of the other things, along with the 
CIOs and CTOs of a number of the financial institutions.
    Bottom line, the financial services industry and our 
customers fared well. Backup systems worked, ultimate 
communications systems were used, and there was no measurable 
impact on settlement and payments. There was excellent 
cooperation in communications among the financial services 
regulators, Treasury and the financial sectors.
    Three major reasons why I think the Nation's system fared 
so well were, first of all, preparation. As Mr. Olson said, the 
events of 9/11 and subsequent preparations by both the private 
and public sector helped us trust each other and helped us with 
our abilities to communicate, shift to backup systems and 
continue operations.
    A second thing was the early announcement that this was not 
a terrorist event, and I cannot reinforce how important that 
was. This helped to alleviate public concerns and made for 
orderly execution of business continuity processes.
    Thirdly was the diversity of communications. Again I 
personally can attest to how you use cell phones until they run 
out of juice and then you use Blackberrys and you save cell 
phones to communicate with others. Actually, throughout the 
event Assistant Secretary Wayne Abernathy and I were 
Blackberrying back and forth in preparation that BITS and the 
Roundtable held.
    There also were some critical lessons from the event. The 
power grid must and should be considered among the most vital 
critical infrastructures that needs investment to make sure it 
works. The cascading impact cannot be overstated.
    Secondly, water for cooling systems and personal hygiene is 
often controlled by electricity. People do not think about 
that, and that is what caused many organizations to close their 
offices or delay opening.
    Lastly, communications must be viewed as an integrated 
system. We must be able to use diverse communications and 
understand the vulnerabilities, address those vulnerabilities 
and make sure we have diversity and redundancy.
    Attached to our testimony is a wide variety of lessons 
learned from the outage and specific recommendations. We 
gathered these from what our members experienced during the 
outage.
    The most important lesson, however, that was learned was 
how interdependent the critical infrastructures were and also 
how fortunate we were that it was not a terrorist driven event 
or we had a cyber security event at the same time. We need to 
look strategically and holistically at the Nation's critical 
infrastructures and what can be done to enhance resiliency, 
reliability, redundancy and diversity.
    BITS has addressed a number of the interdependency issues 
and Congressman Kanjorski, you are right on about your points 
about the telecommunications industry. That has been our most 
important effort this past year, the understanding of the 
inventory and what they had and how we would know whether they 
had backup offices.
    BITS has led an effort on behalf of the financial sector in 
assessing telecommunications vulnerabilities and enhancing 
recovery. We have worked with the National Communication 
System, the NCS, of the DHS, who are helping us, and I can say 
there is unparalleled cooperation going on right now between 
the telecom and financial sectors. The results have included a 
detailed and confidential assessment of the interdependencies 
in these routes that you were mentioning in a specific 
geographic area and we are looking at how we replicate that 
through other areas.
    Best practices in telecommunications and financial 
procurement policies, pilots to model the costs of attaining 
greater diversity and redundancy, adoption by our CEOs of the 
NRICK best practices in physical and cyber security and 
obviously education in both sectors. There are many other 
things that we have done in the crisis management area.
    I will point out two areas that also relate to this, and 
that is the IT service providers. There is a press release 
accompanying this hearing that talks about the BITS framework 
for managing technology risk. We must look at our IT service 
providers and our vendors as closely as we look at ourselves 
and we have to make sure that we manage the risk--our risk 
management strategies are in place in working with them.
    Secondly is the area of software security. We have worked 
on a BITS product certification program where we test software 
products against security criteria the industry developed.
    Again a press release accompanies this hearing, talking 
about the development of a user driven coalition to address the 
issues of software development, as well as the patch management 
process. We urge the committee to consider all aspects of 
critical infrastructure, the software and operating systems, 
the service providers, the critical infrastructure industries 
and the practices of firms, industries and Government in 
addressing not only these power outages but future disasters 
and related events.
    I will end with the five key recommendations that we have 
with the committee. One is to invest in the power grid because 
of its critical and cascading impact; in fact, investment in a 
number of the critical infrastructures, such as power, 
telecommunications, and transportation, their incentives, such 
as tax credits, credits for investment, R&D investment and 
direct Government investment.
    Number two, announce early whether an event is terrorist 
related, or not. I cannot tell you how critical this was to our 
maintenance of our crisis management procedures and 
communications.
    Three, establish improved coordination committee procedures 
across the critical infrastructures, specifically with the 
Federal, State and local government.
    Number four, recognize that the financial sector is driven 
by its trusted reputation as well as regulatory requirements. 
Not all other sectors are the same way, and we need to look at 
this again holistically.
    And lastly and most importantly, recognize and review the 
dependence of all critical infrastructures on software 
operating systems and the Internet. A cyber attack of some kind 
which impacts communications, SCADA systems and first responder 
systems would put us at terrible risk. Compounding the problem 
is the lack of security software development processes and a 
current inefficient software patch process that not only cost 
us millions but put us at greater risk.
    It is an alarming issue and critical to the Nation's 
infrastructure. A clear understanding of the role of software 
operating systems and the higher duty of care, particularly 
when serving the Nation's critical infrastructures needs to be 
explored.
    Again, thank you for this opportunity, and I will look 
forward to answering questions.
    [The prepared statement of Catherine Allen can be found on 
page 42 in the appendix.]
    Chairwoman Kelly. Thank you very much.
    Mr. Kittell, please.

   STATEMENT OF DONALD D. KITTELL, EXECUTIVE VICE PRESIDENT, 
                SECURITIES INDUSTRY ASSOCIATION

    Mr. Kittell. Thank you, Chairwoman Kelly and Congressman 
Kanjorski.
    I am Donald Kittell, Executive Vice President of the 
Securities Industry Association.
    Since 9/11 the security industry has invested a great deal 
of time and resources in business continuity plans. The opening 
of the market following the blackout I think was clear proof 
that those plans were viable, at least in the event of a 
blackout occurring at about 4:30 on a Thursday afternoon. I 
would particularly highlight the support we received from New 
York City, as well as from State, Federal and regulatory bodies 
during the event.
    Early assurances that this was not a terrorist act was very 
important, and after 9/11, dealing with the blackout was a 
refreshingly easy problem. When street power was lost, there 
was essentially a seamless transition to backup power among all 
the firms and the exchanges. The Securities Industry Automation 
Corporation, or SIAC, processes for the New York Stock 
Exchange, the American Stock Exchange, the National Market 
Systems, Depository Trust, Fixed Income Clearing and other 
organizations. Those sites were protected by battery backup 
combined with backup generators, and there were no 
interruptions in processing and no loss of data.
    Similarly, SIAC's safety system, which was installed 
subsequent to 9/11 to provide alternative telecommunications 
connectivity between securities firms and the infrastructure 
exchanges, operated throughout the blackout without difficulty.
    Depository Trust activated both its remote sites and its 
remote operating locations, both of which were developed 
following 9/11, so they were actually operating their data 
center in New York from a remote operating center successfully.
    The American Stock Exchange, we talked about earlier, was 
able to activate backup generators for its building and trade 
systems but not its cooling systems because of a shutdown of 
ConEd steam power. The AmEx obtained emergency steam generation 
power later on Friday, was able to open and perform an orderly 
close at the end of the day.
    But I would like to come back to Congressman Kanjorski's 
question about the AmEx if we have time later.
    Some securities firms relocated to backup sites, others 
operated under both backup and main primary sites, but 
essentially all firms were able to operate following the 
blackout.
    SIA's command center was activated within minutes of the 
blackout and conducted conference calls throughout Thursday 
night, the following Friday, and into the weekend, and these 
calls were integrated with those of the regulators and other 
industry organizations.
    SIA has maintained a seat at the New York City Office of 
Emergency Management since the Y2K days, and that was 
invaluable; in fact, it was the OEM that arranged the backup 
steam for the AmEx, as well as arranging for delivery of fuel 
to backup generator sites.
    We believe there is value to adding other people to our 
network of calls, primarily in the telecommunications area, but 
also with data vendors and service bureaus, and we are working 
to accomplish this. I think the main thing we have learned with 
these calls is that it is not so much the preparation and 
structuring of them but just the flexibility we have of being 
able to talk to each other when an event occurs.
    There were some infrastructure issues. The two worst 
problems were loss of communications and transportation. The 
cell phone service degraded pretty rapidly once the backup 
battery power was over and some of the land line switches in 
Brooklyn and mid-town Manhattan were disabled. Instances were 
identified where fuel delivery trucks could not be reloaded 
because of, again, pumps that did not have backup power.
    Transportation systems were immobilized, and many employees 
were stranded. Actually, this was a good thing from the 
standpoint of opening the markets but not so good for the 
people involved. Ferries continued to operate but they were 
overwhelmed by the number of riders. As a result, many firms 
are reconsidering plans to keep critical employees on-site as 
well as shutting down their operations and sending people home.
    Vis-a-vis Hurricane Isabel, the New York City OEM was our 
primary source of information, and fortunately we were able to 
avoid any major challenge there, but we are very cognizant of 
the risk we run in Lower Manhattan of a hurricane. We were 
fortunate that both the blackout occurred when it did and that 
the hurricane did not impact New York in a significant way.
    The blackout occurred after trading hours in daylight, on a 
Thursday of the week. It is just about the best time we could 
order up a blackout. We would have faced very significant 
challenges if it had occurred during trading hours or if it had 
occurred early in the morning before the work force actually 
was able to get into the city.
    With respect to the hurricane, we are well-aware of the 
potential flood damage in downtown Manhattan. Again, New York 
City OEM would be our key guidance there as far as evacuation 
is concerned, so although the early reports and preparation 
were fine, I think we are very cognizant of the fact that a 
hurricane with a direct hit in New York would present much more 
serious problems than what we had with the blackout.
    Since 9/11, the industry, in partnership with Federal, 
State and city emergency management associations, regulatory 
agencies, service providers, has improved its resiliency. We 
are proud of the progress to date. We continue to address 
vulnerabilities in the future.
    Thank you, Congresswoman Kelly.
    [The prepared statement of Donald D. Kittell can be found 
on page 52 in the appendix.]
    Chairwoman Kelly. Thank you very much.
    Now, we turn to you, Mr. Schmidt.

STATEMENT OF HOWARD A. SCHMIDT, VICE PRESIDENT AND INFORMATION 
     SECURITY OFFICER, eBAY, INC., AND FORMER CHAIR OF THE 
      PRESIDENT'S CRITICAL INFRASTRUCTURE PROTECTION BOARD

    Mr. Schmidt. Thank you very much, Chairwoman Kelly members 
of the committee. My name is Howard Schmidt. I am the Vice 
President and Chief Information Security Officer for eBay, 
where I lead a team who is responsible for the security, 
trustworthiness and availability of the services that bring so 
many global citizens together each day.
    Today I come to you more as an individual, primarily, who 
has had the privilege of working with many committed 
individuals in the private sector, law enforcement and 
government to forge a collaboration and cooperation to 
essentially safeguard the sort of resources we need through 
cyberspace and we have seen protected as a result of the 
blackout.
    I had the privilege of assisting in the formation of some 
of the first collaborative efforts in this arena and led the 
creation of the Information Technology Information Sharing and 
Analysis Center, or the IT-ISAC, and now I am serving as the 
first President. This was in the aftermath of PDD-63.
    Later I was appointed by President Bush to serve with 
Richard Clarke running the President's Critical Infrastructure 
Protection Board, in which many of the issues we are talking 
about here today were part of the key issues we were looking at 
as we put together the National Strategy to Defend Cyberspace, 
and that national strategy, I might add, was a combination of 
work done by BITS, the Financial Services ISAC, many of the 
Federal Government agencies, as well as the Congress and many 
of the private citizens across the United States.
    But I want to talk for a moment about the successes that 
the financial services community had that enabled us to 
continue business during the blackout and the recent hurricane. 
It served to deepen our appreciation of the interdependencies 
between the Internet and the critical infrastructure and those 
pieces of commerce that we depend on, as many saw the perfect 
storm of the convergence of two Internet worms that were 
occurring at the same time the blackout was taking place, but 
also, as the Congressman pointed out, between the power and 
telecommunications infrastructure. We were also reminded that 
much of the work that we did in the preparation of the cyber 
security plan also gave us the resiliency and the ability to 
protect ourselves because those same plans in a cyber attack 
were the same plans we needed to put in place to minimize the 
effect of the blackout we saw.
    One of the things that has helped reduce the impact of this 
event as well as others is the ability to share information 
across sectors and across competitor lines. It was particularly 
rewarding to see many companies, strong competitors in the 
marketplace, share information about backup strategies, share 
information about disaster recovery sites. So we can indeed 
enjoy the benefits of the services they provide us on a day-to-
day basis.
    As a matter of fact, during the summer events for the 
blackout, we saw for the on-line industry approximately a 10 to 
15 percent reduction of activity during the power outage 
itself, but that was primarily related to the fact that many 
citizens who would use the Internet could not even log on to be 
able to conduct some of the transactions, but in doing so, one 
of the resources we turned to was the financial impact report 
by various industries, and looking at this, it cited in the 
report the credit card and sales authorizations, which is one 
of the main focuses we looked at with eBay, for online sales 
would lose $2.6 million an hour if they were unable to conduct 
their transactions, and even home shopping was estimated to 
have losses of $113,000 per hour if the system was not 
available.
    There is much we can do to prepare for these sort of 
events, and once again I cite the interrelationship between 
cyber attacks on our infrastructure or the critical events we 
have seen this summer.
    In this case, the Internet connects about 170 million 
computers and an estimated 680 million users. There is an 
estimated growth rate going to 904 million by the end of 2004, 
and you can see eBay is a prime example of how deeply ingrained 
the Internet is to American life and the dependency we have on 
the power of the telecommunications systems to bring these 
buyers and sellers together.
    More fundamentally, and I think this is pretty important to 
understand this, by our location in the backup strategies and 
the redundancy that we have in the overall infrastructure 
system, the stores stayed open during the crisis times where 
physical stores were incapable of opening at that point.
    I want to also point out that some of the emerging 
solutions we have are some of the issues around the United 
States Computer Emergency Response Team, which has just now 
been appointed up in Carnegie Mellon University by the 
Department of Homeland Security.
    By bringing the sector coordinators such as Rhonda MacLean, 
the Information Sharing Analysis Centers, by participation of 
many of those folks and the work done in PDD-63 with the 
Department of Treasury, Department of Homeland Security, we can 
then continue to move forward and make sure that those 
disruptions we have seen indeed have minimal impact on our 
ability to transact business online and particularly in the 
financial sector.
    In closing, I just want to comment on the fact that one of 
the, I think, keystone milestones that we are seeing coming 
forth is in the first part of December the Department of 
Homeland Security, in conjunction with many of the folks that 
you have heard from my colleagues here today are putting on a 
National Cyber Security Summit out on the West Coast, and this 
summit will be cohosted by private sector organizations, the 
Department of Homeland Security, Department of Treasury, and we 
intend to as a result of that put together a task force which 
will continue to evolve in a position where the power 
blackouts, the effects of the hurricane will have less of an 
effect on the infrastructure we depend on, both 
telecommunications and the power blackout, and we will continue 
to work on these plans going forward and working with your 
committee to make sure that we serve the American public as 
well as the private sector interests of the country, with which 
we are both very much in tune.
    Chairwoman Kelly, this concludes my remarks and I welcome 
any questions that you have.
    [The prepared statement of Howard A. Schmidt can be found 
on page 76 in the appendix.]
    Chairwoman Kelly. Thank you very much, Mr. Schmidt.
    Can you tell us the date of that?
    You just said that you are going to have the Cyber Security 
Summit, but you didn't, I believe, mention the date. Even if 
you did, let's emphasize it.
    Mr. Schmidt. I did not. It is in my written testimony. It 
is December 3rd, and the venue is still being worked on by DHS, 
and I understand Secretary Ridge is also having a personal hand 
in putting this very, very valuable summit together.
    Chairwoman Kelly. Yes, I am sure it will be valuable.
    We have been talking about a number of problems with IT 
software, as well as the hardware, and I am hopeful that both 
of those will be addressed at that summit?
    Mr. Schmidt. Yes. As a matter of fact, they are. There are 
two specific task forces looking at quality control and 
engineering, and taking the efforts that many of the software 
companies and hardware companies have really turned their 
business models around to focus on security and availability; 
as a matter of fact, to the displacement of some of the feature 
issues that we are going to have a complete task force work 
with those issues to make sure that that gets accelerated.
    Chairwoman Kelly. Given your White House background, I 
would like to know how the financial sector would have handled 
the power outage in August differently had it been the result 
of a terrorist attack or if it had been a particular terrorist 
attack on a cyber section.
    Mr. Schmidt. I think that is one of the interesting points, 
as I tried to point out during my testimony, that many of the 
resources and many of the programs that we put in place 
relative to the aftermath of September 11 and actually going 
back even to PDD-63 were the same things we needed to do for 
disaster recovery of business continuity, so therefore had we 
not had the focus we had over the past 5 years I think it would 
have been a different story. So whether it is a terrorist 
attack, a cyber attack, I think the steps the financial sector 
took in preparation of this are the right steps and they 
continue to move in the direction to even make this more 
valuable.
    Chairwoman Kelly. Thank you.
    I would like to ask Ms. MacLean, what was, for your group 
and for you possibly and your sector, what was the biggest 
surprise that you found during the blackout, a problem or 
something that worked that you didn't think was going to work?
    Ms. MacLean. I think the biggest--well, it was no surprise 
that it worked, and that only came because of the amount of 
testing and focus this particular area, business continuity and 
resiliency, has on our sector in general.
    I think the biggest surprise for me was in actually setting 
on some of the telecoms the issue of dealing with some of the 
personal inconveniences for people, such as the sanitation 
systems being dependent on the electric power, and I know in 
our case and some of the New York buildings being on a very 
tall floor was a very inconvenient process, and so making sure 
that we had good sanitary conditions, together with getting 
food in to people who had stayed through the night and through 
the days following the blackout, to make sure everything was 
operational I think was the key thing that--and also making 
sure we had enough flashlights, because that is another area 
where you may have backup resiliency but you really do not have 
enough to power lighting, and so you need to have other kinds 
of capabilities there on hand.
    So it is the people issue again that I think continues to 
have additional focus in many of our institutions.
    Chairwoman Kelly. What do you think should be done with 
regard to battery backup? I understand that there were places 
that had battery backup but then after a while the battery 
simply expired.
    Ms. MacLean. Well, for the systems to maintain 
operational--I mean, that runs on large generators, that 
provided adequate backup. I think the smaller battery backup 
just for a small area I think is where it gets a little bit 
more complicated and I think we need to look at what are some 
of the alternatives. Again, I think it is more of a people 
issue rather than it is the system. The systems are going to be 
run through the large generators, which seemed to have 
adequacy.
    Chairwoman Kelly. I am interested in the mix that we have 
been talking about, this interrelationship, and you pointed out 
sanitary systems on the upper floors weren't exactly working, 
and Mr. Kanjorski brought up the fact that there were some 
problems that possibly could have been some problems with 
regard to drinking water.
    Your sector--or any of you, let me address this to all of 
you: Are you planning to try to work with the third parties 
that control these systems to try to put something in place 
fairly soon or do you feel that is just the way it is going to 
be?
    Ms. MacLean. Well, let me take a cut at that answer. I 
think the sector coordinators, there is a sector coordinator 
for water and power, for emergency, I mentioned Mr. Michael 
Gant. There is also a telecommunications sector coordinator, 
and we do meet on a regular basis and this is the focus of a 
lot of our talk in discussions and looking at what are the 
initiatives we need to have cross-sector to make sure that we 
are working together.
    The interdependencies is what is at--is the main point that 
we need to get at, and I understand those intersections of 
interdependencies, and make sure we have adequate plans in 
place to address those things.
    Mr. Kittell. Our best work there is with the New York City 
Office of Emergency Management, where we get more results with 
the OEM talking to the water companies than we do talking with 
the water companies directly. Same thing with telecom in an 
event like this. So that problem is identified on our list of 
things that we are chasing down.
    Chairwoman Kelly. That is good to hear. I suspect we in the 
New York area have had--obviously, we have had a little more 
experience in some other areas in dealing with this, but I just 
still do not think we have it put together. I think it is very 
important that these integrations of systems be worked on and 
be made to work.
    I have other questions. I will submit some of them in 
writing, but in the interest of time I am going to go to Mr. 
Kanjorski.
    Mr. Kanjorski. I thank Ms. Kelly.
    Ms. MacLean and Mr. Kittell, one of the most important 
aspects of disaster recovery planning for very large financial 
entities and for clearinghouses concerns the maintenance of a 
synchronized realtime redundancy.
    As I understand, to address this issue many firms currently 
rely on annual descriptions to the disaster recovery systems, 
be it known as SunGard and IBM Global Services, but when a 
disaster strikes at these first, first in line in receiving 
assistance, they may not be first to receive help.
    What will happen to our markets if all of the disaster 
space is taken? What could financial firms do to prepare for 
such contingencies?
    Mr. Kittell. Well, I think we had that situation with 9/11, 
Congressman. The backup sites at the companies you mentioned 
were swamped with all of the firms that were affected by 9/11 
and they did, I would say, a very good job of not only using 
their preplanned space but also giving up their own offices and 
data centers for use by the firms that needed it.
    There was also a tremendous--as you know, there was a 
tremendous voluntary effort on the part of other firms in the 
industry, offering desk space and data center space, and so on, 
in a cooperative way across the industry, so I think we have 
already had that event. I think as a result of the event the 
capacity in those backup organizations has been increased, and, 
you know, depending on the nature of the event to come, we are 
certainly in much better shape than we were pre-9/11. Whether 
we could defend against some of the scenarios that people talk 
about is obviously an open question.
    Mr. Kanjorski. Do you want to respond along that line?
    Ms. MacLean. Well, I think Don Kittell has really done a 
good job of articulating. The 9/11 really did--at the end of 
the day, we did work very, very well, even though we did reach 
capacity. As a result, though, also, you mentioned the 
interagency white paper that has been published. Institutions 
are required to look at those recommendations in that white 
paper and are in the process of implementing and assessing 
their programs against that, the recommendations made in the 
interagency white paper.
    As we go forward, the focus is really to continuously 
improve and assess your capabilities and ensure that you can 
meet those 2 and 4-hour guidelines, and I think that is where 
the real question comes in, is the innovativeness and the 
different capabilities that we can bring to bear to meet those 
time lines, and that is where the focus is today.
    Ms. Allen. Yes, I might just address that, too, because we 
have done work in the outsourcer area, we have viewed them as 
third parties, and that is part of what this framework that we 
developed for the industry was, to look at present best 
practices that financial institutions need to require of their 
third-party providers.
    We actually are having a meeting on this, a conference on 
this, on outsourcing, on November 6 and 7, and, again, it 
focused on preparedness, on the requirements, so that 
outsourcers meet the same level of standards that we require 
internally and to look at where the gaps are, so that we make 
sure that we have enough capacity in the outsourcing industry 
to handle it if we have a major disaster.
    Mr. Kanjorski. Does that create some unfair competition, if 
some companies respond by doing the job in accordance with the 
white paper and others decide to take the chance not to do it? 
If a disaster doesn't occur, the latter group gets a 
competitive advantage. Of course, if the disaster does occur, 
the former group gets a competitive advantage. And if someone 
looked at whether or not there was a need for compulsion as 
opposed to voluntarism?
    Ms. Allen. That is my point. The point about the financial 
institutions were all regulated. We all have certain levels of 
regulation or compliance that we must meet, but we oftentimes 
compete with nonfinancial institutions who do not have to meet 
the same regulatory oversight or liability or business 
compliance requirements that we do, and it is one of our 
reasons we focus on outsourcers, to make them meet the same 
requirements, but they aren't really regulated. It is only at 
our request or our demands that they meet that.
    Other critical infrastructure facilities that we rely on, 
we totally rely on in some cases, do not have the same 
regulatory oversight or do not have the same kind of 
requirements that we do. So that makes it difficult. The 
interagency white paper is a good example of requiring us to 
come back up in a certain time period. We can do what we can 
internal to our walls, but when we are dependent upon the 
telecommunications or the power industry, we cannot always be 
sure that they will be there.
    Mr. Kittell. I would comment on that. I do not think firms 
look at this as a competitive issue the degree to which they 
build resilient facilities.
    The issue that is debated is what events do you defend 
against and which ones have a high enough probability that will 
result in the investment paying off, and that is the debate 
that takes place between firms individually and with the 
regulators, whether it is the Fed or the SEC or the Treasury.
    What events have I agreed to defend against and how have I 
defended against them, and there are some scenarios that some 
firms freely admit they are not pretending to defend against, 
but I think that is the primary debate. What do you defend 
against and what do you not? It is not a question of 
competitiveness, one way or the other.
    Mr. Kanjorski. Thank you very much, Ms. Kelly.
    Chairwoman Kelly. Thank you.
    Ms. Allen, I would like to go back and ask you a question 
about the outsourcing problem that you raised.
    We talk about cost/benefit, and my next question is going 
to be to this panel on cost about all of this, but one of the 
reasons we see an increase in outsourcing in a number of areas 
is it does cost less.
    From what you now know, do you believe that there is a 
Federal regulatory position that we should be thinking about 
taking, with regard to people who do affect our financial 
structures who are in an outsourced position and perhaps not on 
the shores of the United States of America?
    Ms. Allen. I would have to come back with an answer on 
whether you should take a regulatory perspective. I will say 
that that is a target. The idea of having industry marks and 
best practices and requirements of outsources, whether they are 
inside our territory or whether they are in India, China, or 
other places, our financial institutions are requiring the same 
level of standards of those two types of outsourcing entities, 
and I think that it is important that a number of the 
regulators will go into major outsourcers, providers that 
provide the majority of services to the financial institutions 
and actually will examine them. It is on a limited basis, but 
it also is helpful in making sure those outsourcers know they 
are going to be looked at in terms of their capabilities.
    I would have to come back to you on the regulatory part of 
it.
    Chairwoman Kelly. When you said that you require the same 
level of standards, we have been talking about the fact that we 
here in the United States, while we do have a lot of standards, 
some of our standards were deeply affected by the availability 
of power, water, and so forth.
    Are those levels required of outsourced?
    Ms. Allen. Again, we are asking in the framework, and we 
also are ready to launch a major, what I call, security 
assessment, it is a matrix. It is standardized, whether it is a 
financial institution or a consultant or auditing firm goes in 
and looks at an outsourcer, it is the same questions, again 
whether they are located in the U.S. Or outside the U.S., their 
dependency on power, on telecommunications, having backup 
systems, making sure they can get people to their sites. So we 
are viewing them just the same as having our own backup system 
50 miles away or 200 miles away. If it is 2,000 or 20 miles 
away, it is the same way looking at that outsource capability.
    Chairwoman Kelly. Thank you very much.
    I want to go back and ask you all the same question: Has 
there been a study, do you have any idea what the cost is, with 
regard to planning, putting in place the things that we need to 
make sure that the systems, the financial systems in America 
stay up and running despite any kind of a disaster?
    All of the disaster planning we have done has cost money. 
Your conferences cost money, and this money is currently coming 
from the private sector, so we in the Government really, I do 
not think, have a handle on it.
    Do any of you have a handle on it and can you tell us what 
the costs look like, and I am going to start with you, Ms. 
MacLean.
    Ms. MacLean. Well, there has been a number of different 
studies that you can--the Gardiner Group I know has done some 
marking between different institutions where you can get some 
comparison data about what the investment is with large 
organizations or medium organizations who are looking at their 
business continuity and business preparedness. So there is some 
independent individual studies for the purpose of marking.
    I am not aware, maybe some of my colleagues here are aware, 
of an overall study that quotes would be a good source of 
something, but that is something we surely could look into and 
make available to you and to your staff.
    Chairwoman Kelly. I am just wondering about the insurance 
industry. For instance, they said that the cost of the blackout 
could be estimated in several billion dollars from what I 
understand.
    I want to know if there has been any objective look at the 
losses in that sector alone, let alone all the things we have 
put together. So perhaps we could take a look at that.
    Ms. Allen, would you like to respond to that?
    Ms. Allen. There are isolated studies, again the Gardiner 
study, we ourselves are dimensioning the costs to our industry 
of patch management, what it costs to go back in for the 
Slammer, for the SoBig to fix that, so we have a handle on how 
big this issue is.
    We could come back to you, and I will give you some 
isolated studies that I have seen on the cost of business 
continuity, cost of requirements to be able to have the kind of 
physical security you need.
    We are working with the telecommunications industry right 
now to dimension the cost to provide the level of diversity and 
redundancy that they now provide to the FAA and if we were to 
provide that to financial institutions. There aren't numbers on 
that yet, but we will be happy to share that once we know it.
    Chairwoman Kelly. Mr. Kittell?
    Mr. Kittell. Yes.
    The SIA did a cost study of the Y2K conversion at something 
in the neighborhood of $5 billion over 3 years. We did a 
similar kind of study for the conversion of decimals, which was 
about two billion over 2 years, or so.
    We also did a cost estimate of moving from T3 settlement to 
T1 settlement, of about $8 billion over about a 4 or 5-year 
period.
    These numbers are very gross. They will take into account 
IT and other budgets that are addressing lots of other things 
besides the specific projects that we talked about, because 
they get into fundamental infrastructure capacity.
    It is very hard to isolate one number from another. We have 
not done a number on business continuity planning over the last 
2 or 3 years, but depending on who is calculating and what 
objective they are trying to reach, I would say you would see 
numbers comparable to maybe the decimal conversion or Y2K.
    Chairwoman Kelly. Thank you.
    Mr. Schmidt.
    Mr. Schmidt. Yeah, I do not know of a comprehensive study, 
but some of the university relationships I have had, I am going 
to go back and ask them to start working on one and ask them to 
prepare for that. But this Eagle Rock Alliance out of New 
Jersey has done an hourly breakdown on what the losses might 
be, and I found that particularly interesting on some of the 
data points they have got, but the whole issue of the 
availability, part of the service level agreements that many of 
us are now doing--and I believe Catherine mentioned it--with 
our outsourcing partners, that basically we are not only having 
that as part of the contractual agreement but we are also 
engaging with other companies to do an audit to make sure they 
can deliver on that. So it is having a cascading effect on some 
of the smaller partners out there, which then gives us a better 
availability later on to say yes, we can deliver within that 2 
to 4-hour time frame.
    Chairwoman Kelly. Thank you. Would this panel have any 
final recommendations for this committee with regard to the 
issue we are addressing today?
    Ms. Allen. I would just like to commend Congress for 
passing the Defense Production Act with the definition of 
critical infrastructure industries included in that. I think 
that was a great step forward for us in prioritization of 
services.
    Mr. Kittell. I would say it is appropriate from our point 
of view from a legislative and a regulatory point of view to 
ask firms to address the risks that they identify, for example, 
in the outsourcing question earlier, that it is reasonable to 
take some sort of regulatory action vis-a-vis have you 
considered the complications of outsourcing and what have you 
done with it, as opposed to trying to write--which I think 
would be very difficult--write some sort of regulatory scheme 
around standards or principles or the way things need to be 
done, because each firm really has unique resources to play 
with, unique solutions to defend against these issues.
    Chairwoman Kelly. My inclination is to agree with you. 
Before I came to Congress I noticed that every time Congress 
wrote a law it seemed to sort of foul things up a little bit. 
So maybe we can stay out of that and the industry can deal with 
it. Certainly it seems as though you have been dealing with it 
very well.
    Mr. Schmidt, our final comment here.
    Mr. Schmidt. Yes, thank you.
    My recommendation would be for the committee to do as it 
has been doing, maintain the dialogue with those of us in the 
private sector that are the owners and operators of this, and I 
thank you for your leadership and the Congressman for his 
leadership in making sure that we, indeed, keep it to where the 
private sector can effect the changes without imposing 
regulations that probably do not work.
    Chairwoman Kelly. Good, thank you.
    This committee thanks all of you for staying here for such 
a long period of time. I appreciate it very much, and the Chair 
notes that some members may have additional questions for the 
panel. They may wish to submit them in writing. So without 
objection, the hearing record will remain open for 30 days for 
members to submit the written questions to these witnesses and 
place their responses in the record.
    This second panel is excused, with our great thanks and 
appreciation for your time.
    I want to briefly thank all the members and the staff for 
the assistance that they have given us in making this hearing 
possible.
    This hearing is adjourned.
    [Whereupon, at 3:52 p.m., the subcommittee was adjourned.]


                            A P P E N D I X



                            October 20, 2003
[GRAPHIC] [TIFF OMITTED] T2642.001

[GRAPHIC] [TIFF OMITTED] T2642.002

[GRAPHIC] [TIFF OMITTED] T2642.003

[GRAPHIC] [TIFF OMITTED] T2642.004

[GRAPHIC] [TIFF OMITTED] T2642.005

[GRAPHIC] [TIFF OMITTED] T2642.006

[GRAPHIC] [TIFF OMITTED] T2642.007

[GRAPHIC] [TIFF OMITTED] T2642.008

[GRAPHIC] [TIFF OMITTED] T2642.009

[GRAPHIC] [TIFF OMITTED] T2642.010

[GRAPHIC] [TIFF OMITTED] T2642.011

[GRAPHIC] [TIFF OMITTED] T2642.012

[GRAPHIC] [TIFF OMITTED] T2642.013

[GRAPHIC] [TIFF OMITTED] T2642.014

[GRAPHIC] [TIFF OMITTED] T2642.015

[GRAPHIC] [TIFF OMITTED] T2642.016

[GRAPHIC] [TIFF OMITTED] T2642.017

[GRAPHIC] [TIFF OMITTED] T2642.018

[GRAPHIC] [TIFF OMITTED] T2642.019

[GRAPHIC] [TIFF OMITTED] T2642.020

[GRAPHIC] [TIFF OMITTED] T2642.021

[GRAPHIC] [TIFF OMITTED] T2642.022

[GRAPHIC] [TIFF OMITTED] T2642.023

[GRAPHIC] [TIFF OMITTED] T2642.024

[GRAPHIC] [TIFF OMITTED] T2642.025

[GRAPHIC] [TIFF OMITTED] T2642.026

[GRAPHIC] [TIFF OMITTED] T2642.027

[GRAPHIC] [TIFF OMITTED] T2642.028

[GRAPHIC] [TIFF OMITTED] T2642.029

[GRAPHIC] [TIFF OMITTED] T2642.030

[GRAPHIC] [TIFF OMITTED] T2642.031

[GRAPHIC] [TIFF OMITTED] T2642.032

[GRAPHIC] [TIFF OMITTED] T2642.033

[GRAPHIC] [TIFF OMITTED] T2642.034

[GRAPHIC] [TIFF OMITTED] T2642.035

[GRAPHIC] [TIFF OMITTED] T2642.036

[GRAPHIC] [TIFF OMITTED] T2642.037

[GRAPHIC] [TIFF OMITTED] T2642.038

[GRAPHIC] [TIFF OMITTED] T2642.039

[GRAPHIC] [TIFF OMITTED] T2642.040

[GRAPHIC] [TIFF OMITTED] T2642.041

[GRAPHIC] [TIFF OMITTED] T2642.042

[GRAPHIC] [TIFF OMITTED] T2642.043

[GRAPHIC] [TIFF OMITTED] T2642.044

[GRAPHIC] [TIFF OMITTED] T2642.045

[GRAPHIC] [TIFF OMITTED] T2642.046

[GRAPHIC] [TIFF OMITTED] T2642.047

[GRAPHIC] [TIFF OMITTED] T2642.048

[GRAPHIC] [TIFF OMITTED] T2642.049

[GRAPHIC] [TIFF OMITTED] T2642.050

[GRAPHIC] [TIFF OMITTED] T2642.051

[GRAPHIC] [TIFF OMITTED] T2642.052

[GRAPHIC] [TIFF OMITTED] T2642.053

[GRAPHIC] [TIFF OMITTED] T2642.054

[GRAPHIC] [TIFF OMITTED] T2642.055

[GRAPHIC] [TIFF OMITTED] T2642.056

[GRAPHIC] [TIFF OMITTED] T2642.057

[GRAPHIC] [TIFF OMITTED] T2642.058

[GRAPHIC] [TIFF OMITTED] T2642.059

[GRAPHIC] [TIFF OMITTED] T2642.060

[GRAPHIC] [TIFF OMITTED] T2642.061

[GRAPHIC] [TIFF OMITTED] T2642.062

[GRAPHIC] [TIFF OMITTED] T2642.063

[GRAPHIC] [TIFF OMITTED] T2642.064

[GRAPHIC] [TIFF OMITTED] T2642.065

[GRAPHIC] [TIFF OMITTED] T2642.066

