| Home | Information Sharing & Analysis | Prevention & Protection | Preparedness & Response | Research | Commerce & Trade | Travel Security & Procedures | Immigration |
| About the Department | Open for Business | Press Room |
The threat level in the airline sector is High or Orange. Read more.
Release Date: 10/09/03 00:00:00
For Immediate Release
Office of the Press Secretary
October 9, 2003
SECRETARY RIDGE: Thank you, thank you. Thank you, Chris. Thank you for that overly generous introduction. Thank you for the opportunity to spend a little time with you this afternoon. I can't help, since Chris pointed out the results of the election in California last night -- I had occasion to be having dinner at an event, charitable event with Senator Ted Kennedy; it was a roast. And we were all kind of wondering out loud publicly what Thanksgiving dinner at Hyannisport's going to be like this year. It's going to be kind of -- it's going to be a little different than it's been before. The Kennedy clan's finally seen the light.
(Laughter.)
Anyhow, thanks for the introduction. And thanks for the opportunity to be here. You all know that Chairman Cox is a longtime, longtime supporter of the industry, and one of the most gifted advocates for the industry, and the enabling capacity that you bring to the communities, to the operation of government in the private sector. So you've got a great friend in my chairman.
I also say he's been a great champion of the Department of Homeland Security. We wrestled with the notion and the legislature. Congress still wrestles with the notion of how many committees that we should be reporting to since we ended up being an amalgamation of about 22 different departments and units and their tentacles go into a lot of the committees of oversight.
And while we still testify before quite a few testimonies, I must say publicly that the Chairman has tried to make it as easy as possible for us, because we have so many areas of responsibility on a day to day basis, because he does have oversight responsibility. Congress should exercise that oversight responsibility, but he's done everything in his power to make it easy for us to do our job, and at the same time work in partnership with him. So, Chris, I really appreciate the kind of professional and political courtesies, given the huge portfolio that you have that you've extended to me, the deputy secretaries, and everybody on our team. I thank you very much.
I think it's a great idea that the Software Alliance organized this summit, and I thank you for your strong support of the mission of homeland security. To some, it might seem just a little bit counterintuitive to have the Homeland Security Secretary speaking at a summit on innovation and economic growth. But I think there are some folks out there in the world who view our role -- they have a notion that homeland security is all about erecting walls and barriers, inspections and intrusions. They see it less an innovation than a necessary evil. But we obviously don't share that point of view.
Homeland security is about building bridges to one another, even as we build barriers to terrorists. The most important bridges that we build within the Department, and then out into the rest of the country, in my mind, are the technological bridges that we build. It's about creating partnerships, and it's about sharing information, for which technology, your industry, is perfectly suited. The measures we take to secure the homeland can lead to a safer world, a stronger economy, and yes, I believe, done correctly, even more freedom and less inconvenience.
I think -- as Chris pointed out in his introduction, we've had several conversations about the kinds of strategic investments the country makes in homeland security. And if we do it correctly, with a focus on making us not only safer, but better and stronger and healthier, the need to do things differently, that drive us to set up a new department, to invest billions of new dollars to combat terrorism, has -- again, if they're strategic investments -- intended consequences that enhance our way of life, improve our economy, and just make us a better and stronger country.
Chris and I share that point of view, and look to direct our resources with that mindset. But in order to accomplish these goals, it takes the right leadership on both offense and defense, as the -- defense, as the President has put it. At my swearing in two years ago yesterday -- oh, my God, it's been that long -- President -- I almost forgot about that. I didn't get an anniversary card from the President. I don't know what happened.
(Laughter.)
Maybe I should have sent him one. We've been joined at the hip. President Bush said that the best defense against terror is a global offensive against terror. And since that day we have driven two terrorist supporting regimes from power. We're making good progress in stabilizing Iraq and Afghanistan's political and economic infrastructure, so they can join the community of free nations, with all that entails.
As one liberated Iraqi woman said, and I quote -- this is really wonderful -- she said, "We want technology. We want freedom. We want everything." Think about it. She wants technology, and freedom, and she figured out if you get those linked up together, there's a lot more that she and her country could have. Rather remarkable observation.
Freedom from Iraq and Afghanistan will -- freedom for Iraq and Afghanistan -- will benefit all nations. But we have to protect our freedom in this country as well. And here, too, our President has led. And Exhibit A is the Department of Homeland Security.
Now, before September 11th -- and Chairman Cox would tell you, I'm sure -- the notion, the notion of reorganizing 22 federal agencies and departments, and 180,00 employees to protect the homeland into one unit, would have been viewed on the Hill as unlikely if not downright impossible. Now it's a reality. No small measure to leaders on the Hill like Chairman Cox. I think you can see the improvements in many areas already.
Before September 11th, airport ticket agents asked you if you packed your own bags. But little was done to check them. Today, nearly 50,000 highly trained screeners check passengers and luggage for weapons while keeping a smooth flow of traffic. From the curb to the cockpit, there have been enhanced security measures, great improvements, where I can stand before you today in saying, flying commercially these days is far, far safer than it was on September 11th, 2001, and every day, we look for ways to make it even safer.
Before September 11th, our ability to protect Americans against a bioterror attack was compromised by shortage of supplies. Today, a billion doses of antibiotics and vaccines are stockpiled, including enough smallpox vaccine for every man, woman and child in America.
Before September 11th, the nation did not have a national plan to protect the homeland. We have the President's National Strategy for Homeland Security, and indeed, included in that strategy is a separate piece dealing with physical and cyber infrastructure. We understand the interdependency. You really can't talk about infrastructure in this country anymore as if the physical and cyber are separate and apart.
I had occasion the other day to, yesterday, to have a town meeting in St. Louis. It was a very interactive town meeting. Frank Sesno was the moderator. They had some questions they gave to 300 folks in the audience, and they said, "If you're going to have the government or somebody inform you about the threats of terror, what form would you like?" There was radio, television, internet -- the list went on. And everybody said television, 55% if I recall correctly. I thought it was rather strange. And then somebody said, "Well, that's just great, until they knock out your power. Then where do you go?"
So obviously, as we think about our vulnerabilities, we have to think about redundancies. I think that one of the, the notions that we have in our Department, and we think about it all the time, is the combination of a cyberattack and a physical attack. You can imagine, given the interdependency -- just emergency services alone, responding to a physical attack -- how that could complicate our mission to save lives.
So we know we've got a lot of work to do. And again, with the President's lead, I think we're getting it done.
The Business Software Alliance knows it's important to have a plan. Your white paper found that securing technology is not merely a technical issue -- and we're grateful for that -- but one that demands, in your words, strong corporate governance, in a management framework that will lead to positive results. We share that point of view; we think that applies to government as well.
With these three strategies that we have within the Department, we now have a strong national framework for action. Combined with the President's strong governance, we think we've got an unbeatable combination. Now what actions have we taken to carry out these plans?
For starters, we've created information analysis and infrastructure protection, some new units. We didn't inherit this. This is not one of the 22. This is something that we've created and, actually, one of the chief areas of interest for Chairman Cox, because he and I believe that at the end of the day, prevention is the tip of the, tip of the spear.
We talk about preventing terrorist attacks, reducing vulnerability, responding to attacks, but ultimately what you want to do first, what you try your very best to achieve, is prevention. And that's about getting timely and accurate and credible information, getting it distributed in a timely way, so that people can act on it, to prevent an attack. Basically, that's what the infrastructure, the information analysis and infrastructure unit does. They analyze threats against the homeland, map those threats against critical infrastructure nationwide, and then inform the businesses and communities affected. And then we recommend measures to protect them.
The President's 2004 budget will provide an additional $800 million for this effort. Our new Terrorist Threat Integration Center gathers threat intelligence from across the entire government, so we can spot patterns we might not otherwise see. Then we have a threat screening center.
You've heard a lot about watch lists -- we've got a lot of lists in the federal government. Chris will tell you, we've got a dozen, dozen plus lists. And what happens, particularly at the border -- and I get a nightly -- I get a morning report on what transpires in all my agencies, some of the highlights -- and every morning I read that certain people tried to get into the country, and we just didn't allow them in. And I get the background on that.
And so we have, we have a lot of lists. But we do need to consolidate those lists, and some of those names on the list, once we get our infrastructure completed, ought to be down to the state and local areas as well. This information sharing is, in distribution, cannot be intra-federal government. The National Strategy, interesting, didn't -- it's not a federal strategy, it's a national strategy. We have to be connected with the governors and the mayors, and the state police and the local police. And we think we're, again, with the support of the Chairman and Congress, we think we can accomplish that. It's part of our enterprise architecture.
We've created a Cyber Security Tracking Center to monitor incidents and coordinate our nationwide response. We'll be aided by our Computer Emergency Response Team, or U.S. CERT. I think some of you are familiar with it; a lot of you members of the alliance -- maybe the alliance is working with Carnegie Mellon. It's a new partnership with Carnegie Mellon University, which will grow to include many members of the business community. We're going to need your help here. We can't get this done by ourselves. The connections you make, and the network you establish in support of the U.S. CERT will go a long way in helping us achieve our goal of reducing our vulnerability to cyberattacks.
Your paper noted that the number of cyber security incidence has roughly doubled every year since 2000. Seventy-six thousand occurred in just the first six months of 2003. Now, many of these are simply the work of hackers. Well, that's true, but that's not much of a comfort. We know the enemies of freedom use the same technology that we do.
Pretty extraordinary, when you think about it. We celebrate certain characteristics of the 21st century: the globalization of commerce, the globalization of travel, the globalization of education, the globalization of communication. And that also makes us more vulnerable, because they can access the internet, they can travel around the world. They can hide, literally do hide, in democracies that provide liberties and freedoms that they would, they don't condone -- as a matter of fact, they condemn within their own organization.
So while we celebrate the benefits of a 21st century world, it makes us strong and vibrant and it really is an engine for progress. They use the same transportation system and the same internet and the same capacities for evil. And we know that we've got to be in this for the long haul. We know how smart they are. We know how they work together.
Ultimately, I think we prevail because we're smarter, we're more resolute, and we -- we're -- actually, we not just a little bit smarter, we're a lot smarter. And I see a lot of technology solutions everywhere I look within the Department, to be developed. Some may be on the shelf somewhere in some entrepreneur's garage or basement; some may be on the shelf somewhere in some academic environment. Some of you folks may be working on them now, but wherever I go, there's an interface between technology and our mission.
And one of our goals, and one of the mantras, one of the expressions we have within the Department, is that the perfect should not be the enemy of the good. We've got an 80 or 90 percent solution; I say let's apply it now, and work with smart people to get the other 20 or 10 percent. So we have a perfect solution. And our science and technology unit is geared to do just that.
We cannot secure this country from Washington, D.C. I say that, not just because I served as Governor, and believe that in a federal system we need to engage these partners, but we can't do it alone. And governments, even all levels of governments, together, can't do it alone. We do need the private sector, we do need private citizens. We have to educate citizens, individual citizens, about security at home. They don't think of it, but we think we do.
So we know that we've got some work to do, but we do know that quick actions and strong partnerships are, and will be, a means of achieving our goals. It certainly worked to help blunt the impact of the blaster worm this past August. Days later, built-in redundancies and preparations helped prevent loss of financial data during the East coast power outage.
So we know that, with our information sharing and analysis centers, the way we reach out to the private sector, when we give them information and have them act on it, we raise our country to a new level of security. We've seen it happen before, and we're going to rely on them again. Our public-private preparations to secure the homeland from terrorism were widely credited with helping communities prepare for Hurricane Isabel, just as Chris said.
We do this right, it helps us not only prevent, it helps us in our war against terrorism, but it helps us do other things as well. We've never had a Crisis Action Team, or a Situation Awareness Team that we could pull in together after the blackout. After the blackout, within an hour and a half, we had about 20 people in the Department of Homeland Security. It wasn't -- we concluded fairly early it wasn't a terrorist threat, or terrorist incident -- but suddenly we could give the President, and everybody else involved by the blackout, total situational awareness. All that information came to us; we could share it with everybody else. Same thing in preparation for Hurricane Isabel. First time ever, within this Department or any department, that we preposition people and resources and supplies in anticipation.
So again, we're thinking differently and acting differently, at the end of the day becoming a stronger and better country. I want to say we are also going to continue to invite more companies to join these information-sharing and analysis centers. They are critical to our effort to secure the homeland. We will continue to inform them of new threats and incidents.
One of the things we've done, and one of the tools that we have as we engage the private sector, are bulletins and advisories that we send out through the Department of Homeland Security. Every morning, a group of us meet with the President. And there's information that's shared, that we talk about. But until the Department was set up, and we had this Information Analysis Infrastructure Protection piece, a lot of that information wasn't being conveyed to the states and locals, and certainly wasn't being conveyed to the private sector.
So again, as we build up this distribution system, and build up these relationships, getting you timely and accurate information is really one of the most important things we do. We need also to make a business case for Homeland Security, as Chris pointed out. There are real incentives to act, incentives in both time and money, our key to our merging smart borders with Canada and Mexico. More than 3,000 companies are taking advantage of our Customs-Trade Partnership Against Terrorism.
We look at Operation Safe Commerce. Operation Safe Commerce operates like a venture capital fund, with tens of billions of dollars in grants for importers and exporters to improve the integrity of their supply chain.
Technology in the companies that supply it are helping in many, many other ways, from VACIS inspection machines at the border, to airborne sensors in dozens of cities checking for contaminants, to wireless and interoperable communications for first responders, to the biometrics that our new U.S. VISIT entry-exit visa check will deploy. Everywhere you look, in part, technology offers a solution. It might even be something we haven't seen yet, but we know it's out there, either in the mind of a creative individual or company, or sitting on the shelf somewhere.
The President's 2004 budget contains $75 million to fund and prototype new projects and innovations, selected by our Department in conjunction with the Technical Support Working Group.
We just sent one out the other day. This shows you how excited I am, because I get to see these things all the time. We sent out basically a request for a proposal; we had about $20 million. We wanted the private sector to take a look at these requests: "These are the priorities that the Department of Homeland Security has set. We need to know if you're interested or working on any of these areas."
Now, it wasn't a very huge sum of money. We had 3,300 responses. That's the kind of creativity, that's the kind of interest, that's the kind of innovation that's out there. And that's just a touch of what we've begun to see.
You know, one of these days, the very best of those 3,300 proposals will be utilized somewhere by our Department, perhaps by state and local first responders, and we will wonder then how we got along without them. We look even further to the future. Our science and technology team, lead by Dr. Charles McQueary, has announced the first 101 recipients of the new Homeland Security Scholars and Fellows Programs. What new solutions will be found by this next generation of future scientists? Don't know. It's a small part of our $900 million effort to harness the nation's best minds toward its most important challenge.
You should also know that the enabling legislation gave us the opportunity and responsibility to set up within Homeland Security an institution similar to the Defense Advanced Research Projects Agency. Some of you may have done some work with that group. Well, we have a Homeland Security Advanced Research Project Agency. Again, we've been seven months in operation, we don't have it completely configured the way we want it yet, but the notion that on an annual basis, we will be investing hundreds of millions of dollars in a similar fashion, to take advantage of the creativity and innovation of this country, I think is -- should give you, and certainly Americans, some comfort that we don't have the solution, it's out there and it's on the way.
All of this progress and promise adds up to a nation that is far more secure and better prepared than it was two years ago. It's good for the health and business -- for health of our businesses and our economy. And I believe the marketplace is ready to reward security in a big, big way, because security means reliability. And in this new era, that means security from terrorism. How much is this reliability worth to a customer who buys software or hardware from your companies? You are in a better position to answer that question than I am, but we know, working with you, we need to make the business case to companies generally, that it is in your best interest to secure these assets. And we're prepared to work with you to do that.
I was just telling the Chairman, I had occasion to have a conversation the other day with the Chairman of the Securities and Exchange Commission. Some of you probably remember, if you're working with publicly traded companies, that up to Y2K, as we dealt with that, there was a disclosure requirement, so that, in further instance, if I do share responsibilities, the corporate governance, they were supposed to tell their shareholders in the public what they were doing in anticipation of the Y2K problem. Well, we think we need to talk about some kind of public disclosure. What are you doing about your security, physical and cyber security? Tell your shareholders, tell your employees, tell the communities within which you operate. We have no resolution of that, but we think it's worthy and timely to begin that discussion now.
Two years ago, President Bush pledged that in defending our country, we will not sacrifice the freedoms that make our land unique. Technology has helped keep America the land of the free and the home of opportunity. Now it's being used to help protect our way of life. It will be used to stop terrorists at our borders, and to keep legitimate commerce flowing across the same borders. It will protect our physical infrastructure, and the electronic nerve system that runs it. And it will help us protect innocent people from being unfairly treated or unjustly targeted.
It is up to us to make our technological interdependence a strength, not a vulnerability. We must strive for a system in which one sector is always poised to help another get back on line after an attack by a terrorist or a hacker or Mother Nature -- a system made up of safety nets both human and electronic.
To make it happen, a strong partnership with BSA is not an option, from our point of view. We think it is a necessity. We look forward to working with you in developing and sustaining that strong partnership. And I thank you in advance for working with us to make it happen. Thank you very much. Thank you.
(Applause.)
Sure. A couple. Five minutes or so?
MODERATOR: We have a couple of questions, if people have some.
SECRETARY RIDGE: And don't feel obliged to limit them to me. Get the Chairman of the House, Homeland Security Committee here, so you might want to ask him a few. You don't want to neglect, ignore him.
QUESTION: Mr. Secretary, Secretary Ridge, first I'd like to, on behalf of my colleagues, I want to thank you for coming (inaudible). I'd like to ask you a question about first responders, what the Department is doing (inaudible), that does a lot of the software for those kinds of products, and just curious as to what your priorities are in terms of using, sort of, the new mobile technologies like Wi-Fi to communicate with first responders.
SECRETARY RIDGE: The question, if everyone, I've heard in the back, dealing with how our Department is looking to assist first responders a little more. I'll amplify that, all right? First, the President, with the support of Congress, has made a huge financial commitment. We now have on the streets nearly $4 billion to state and local governments for first responders -- 20 percent to the states, 80 percent to the localities.
It's surprising, in spite of everybody complaining that they haven't received any money yet, we're still waiting for the first couple of applications to be in -- we're prepared to send out checks. But the President just signed the '04 appropriations bill, so there'll be nearly another $4 billion, so by the end of this year, there'll be $8 billion out there available for first responders. But that's only part of it.
Secondly, we are driving the states to coordinate statewide strategies and plans, but to coordinate it being built from the ground up. We need to know that the $8 billion is being invested in a strategic way, and that the return on the investment gives us enhanced security. One of the challenges we have is, historically in a lot of other programs -- and I did this when I was a Congressman -- I came in and I wasn't so worried about how my piece of the pie fit into the statewide plan for Pennsylvania, I was just really interested in Northwester Pennsylvania. And so we're asking the governors to coordinate, but actually ask the mayors to help develop statewide plans, so that we can make sure we get a return.
Most of these dollars are going to go to first responders. I feel fairly confidently in terms of training exercises and equipment. And finally, what we need to do for the first responders -- and that's where the science and technology unit comes in -- we need to set standards and let the marketplace deliver the goods.
We really don't want to go out and say to a, to the first responders, "You need to buy, specifically, this kind of equipment." We want to set the standards for interoperability -- communications interoperability, but believe me, the standards have to be more far reaching than that. Something as mundane as hoses connecting, because the gauges are different. Something that is mundane that is lifesaving or life threatening as the connections on the air, on the breathing apparatus. So when we talk about interoperability, we not only talk about communications, but there's a lot of other interoperable needs that first responders have.
So, more money, a strategic plan driven from the ground up, and we set standards, and then we go to companies like yours and others around the country and around the world and say, "We've got a lot of money out there. They need this kind of equipment that meets these standards; you go invent it. Or if you have -- modify what you've got in order to meet those standards.
QUESTION: Hi, Mr. Secretary. Jim Lucier with Prudential. I remember last year or the year before, we heard from Richard Clark talking about the National Strategy to Secure Cyberspace, and you know, the efforts that we might be seeing (inaudible) from Washington, to encourage the private sector to build up its security, to filter and flow security through everything it did. You know, very important to see the white paper today with its elaboration on FISMA standards. Could you elaborate on what follow-up there's been from the Clark study in National Cyberspace Strategy, and also, how much of what the government is doing on security for its own systems is really new security as opposed to repainting previously (inaudible)?
SECRETARY RIDGE: One of the things I feel about the National Cyber Strategy -- I feel pretty good about it -- is, Dick Clark helped write it. I mean, there were a lot of other people involved on the Hill and around in the business community, but we think we've got a pretty good template. So you need to start with an overall strategy, modify it from time to time, but we have now within the Information Analysis Infrastructure Protection unit, a cyber team that we are -- we have put together, and it will be a tracking and response center as part of that. We will need far more collaboration with the private sector as part of our cyber -- as part of implementing part of our cyber security strategy.
So in balance, I think we've got a good way ahead. I think we're developing the resources, both in terms of money and people within the Department. We still don't quite have the private sector partnerships to get it done, but it's a work in progress and I think -- frankly, I think we're making pretty good progress. We've named -- some of you probably know Amid Yan (ph). Maybe you don't, maybe you do. But he was a highly respected -- he's a member of your alliance. He was out of the -- actually, he started the company and sold it to Symantec. And so we've asked him to forget that private sector -- the hours are too good, the pay's too high -- you know, you don't want to do that. Why don't you come on in to the Department of Homeland Security?
So he's actually going to oversee our cyber security operation within the Department. We're thrilled to have him, he's a member of your alliance, again, with him, Carnegie Mellon, other universities, I think we've been putting in place a pretty good -- we've got a good strategy, now we need to develop an infrastructure to act on it.
QUESTION: Hi, my name's Andy Williamson. I'm an American who grew up in the U.K. Two questions about your speech, two things that were significant by their omission, and I wonder whether omission was intentional. When you were talking about prevention of terrorist attacks and that kind of thing, you didn't mention reducing the motives for those attacks. Also, in your introduction, you used "bridges" metaphor, which you extended to connect communities and organizations and that kind of thing. And you got as far as connecting people nationally, but you didn't extend that beyond the national boundaries to connect people internationally. Again, I wonder if those two omissions were intentional or significant.
SECRETARY RIDGE: Very good. Sorry. I've got very good technology with a digital hearing aid, but it's not perfect. But since it's not perfect, I decided perfect is not the enemy of the good, I bought it.
(Laughter.)
So, great question. And the reason I say that is because -- the first town meeting I had with the new employees of the Department, who showed a level of sophistication and appreciation of their mission -- the first question I was asked at the first town meeting by an employer about the international implications of the Department. That was a very appropriate question. And you, sir, I would tell you that we need partners in the global war on terror. We've got quite a few of them. And information technology is a key to that partnership in terms of sharing information and acting on it.
Operationally, we -- our job in the Department is to make sure that our borders in the United States are the last line of defense, not the first line of defense. And so we need to put people and resources and technology throughout the world to get that information about people and cargo, etc., so we can act on it far away from our shores. We have customs and border patrol agents now that are in 19 or 20 of the largest megaports that generate about 65 percent of the cargo traffic to the United States. They've got non-intrusive technology. We require companies to send us via the internet their cargo manifests. We've got a pretty sophisticated targeting system.
So I would just say to you that whether it's dealing with commercial shipping, commercial aviation, sharing of information among law enforcement communities, the intelligence communities -- in order for us to combat and defeat global terrorism, we need global partners. And we've got some strong, engaged and committed partners around the world. Our job is to continue to sustain that relationship.
I might add, notwithstanding occasionally some disputes we have with other countries about certain aspects of the war on terror, the information-sharing component of the relationship continues to be pretty solid. And I think everyone needs to know that.
Good. I'm sure they want to get dessert. I'll get out of your way. Thanks very much.
This page was last modified on 10/09/03 00:00:00