September 12, 2006
hp-91

Remarks of D. Scott Parsons,
Deputy Assistant Secretary
(Critical Infrastructure Protection and Compliance Policy)
U.S. Department of the Treasury

Before the Financial and Banking Information Infrastructure
Committee/ Financial Services Sector Coordinating Council

NEW YORK CITY, NY - Thank you Chris. And thanks to each of you for making the commitment to be here today.

Yesterday marked the fifth anniversary of the terrorist attacks of September 11, 2001. The attacks took the lives of thousands of Americans as well as citizens of 48 other countries. It is important to remember the atrocities of 9-11, the victims of 9-11 and their families, and all those who have suffered at the hands of the enemies of freedom and liberty. It is important to remember on anniversaries such as this because it reminds us all of the cost of freedom here in New York, in Washington, in Pennsylvania, across America--and around the world. Freedom is not free. It reminds me of why I signed up for this job after 9-11, and why we have all committed so much time and to this effort. Working together, we have made the United States a safer, more secure, more resilient place to live and work.

Each of you has made a difference. I commend you for your knowledge, your tenacity, and your team work, and your hard work to improve the security of the American financial services sector. These efforts have involved the strengthening of public-private partnerships, and together we have made great strides since 9-11 towards improving the security and resilience of the financial services sector in this country.

The President has taken historic actions to protect America – our people and our critical infrastructure. Execution of his plan has produced enduring results. President Bush understands the important role of the private sector. In fact, his strategy embraces a public-private partnership.

Since September 11^th, President Bush has restructured and reformed the Federal government to focus resources on counterterrorism and to ensure the security of our homeland. Along with creating the Department of Homeland Security, the President established the Homeland Security Council, which is charged with ensuring the coordination of al homeland security-related activities among Executive departments and agencies. The Homeland Security Advisory Council, which includes private sector leaders and their state and local counterparts, was also established to provide recommendations on ways to improve coordination, cooperation, and communication among federal, state and local officials and the private sector.

As the lead sector specific agency for the financial services sector, the Treasury works closely with the Department of Homeland Security and the Homeland Security Council, as well as with the other financial regulators and the private sector to address areas of concern to the industry. Developing and sharing accurate and timely information about threats is critically important. Three organizations essential to these information sharing efforts are the Financial and Banking Information Infrastructure Committee (FBIIC), the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC), and the Financial Services Information Sharing and Analysis Center (FS-ISAC). Through these organizations, the financial services sector has made dramatic improvements to the security and resiliency of our critical infrastructure.

The FBIIC, a standing committee of the President's Working Group on Financial Markets, is charged with coordinating federal and state financial regulatory efforts to improve the resilience of the U.S. financial system, in the face of man-made attacks or natural disasters. Treasury Assistant Secretary for Financial Institutions Emil W. Henry, Jr. chairs this committee. The FBIIC has developed emergency protocols which are activated when an incident occurs and has redundant communication systems to increase the speed of information flow among agencies.

The FSSCC acts as the private sector group coordinating private sector thinking and actions regarding critical infrastructure resilience. Among its many accomplishments, the FSSCC assists the sector with planning and procedures during crises, testing and simulation exercises, and has coordinated back-up capabilities between the New York Stock Exchange and the NASDAQ Stock Market, allowing each institution to back the other up in case of failure.

The FBIIC and the FSSCC work closely together on a number of key initiatives including conducting outreach meetings such as this one throughout our nation. Additionally, these organizations work together to consider emerging threats and identify preventive measures.

Understanding that financial institutions need to work closely with local and state officials, we have worked to organize and establish regional coalitions. Two examples of these regional coalitions are FloridaFirst and ChicagoFirst. Through these coalitions, we have seen great progress in coordination and planning on a local and regional basis. They also provide us a single point of contact to give the most up-to-date information directly to institutions during crises. For example, during events such as hurricanes Katrina, Wilma and most recently tropical storm Ernesto, we remained in constant contact with FloridaFirst, sharing the latest projections, assessing the condition of the sector, and standing ready to offer resources where needed.

Along with the FBIIC and FSSCC, the FS-ISAC plays a critical role in informing the financial services sector during crises. It is the primary communications mechanism we use to share threat information, and to communicate with the sector during crisis. It currently serves over 8,000 firms nationwide.

We have made many improvements in the resiliency of the financial sector, including:

Identifying the systemically critical infrastructure and working to remediate any vulnerabilities;
Arranging for financial institutions to have priority access to telecommunications, both land based and wireless;
Working closely with the private sector and federal, state, and local officials to coordinate protective efforts for the financial sector;
Establishing systems and procedures to enable the Federal financial regulators to communicate among themselves and with the private sector during times of crisis as well as promoted industry measures to maintain their own crucial financial communications with each other;
Conducting numerous drills and exercises to test backup systems and prepare financial professionals;
Working closely with the private sector to share best practices and improve business continuity plans;
Created a research and development agenda for the financial sector.

The private sector has made substantial investments to improve its resilience. We have much better geographic diversity with the location of backup operating sites now many hundreds of miles away from the primary operating facility. This enables financial institutions to switch their information technology operations to backup facilities very quickly, which preserves the integrity of data and allows for continuation of orderly transaction processing. This also provides better redundancy for key dependencies, such as telecommunications and electricity. Additionally, regular testing of systems and plans, combined with cross-training of key employees, helps to ensure continuity of operations.

As recent history demonstrates, our efforts to make financial institutions resilient against terrorism helps to improve our sector's stance against all hazards, be they intentional or unintentional, man made or natural. These collective efforts take us far towards ensuring the confidence in the availability of our markets and the strength of our economy remains warranted. Moreover, the resolve and spirit of the employees that work for our institutions is why we are accomplishing our goals.

That said, there are still great threats looming. Looking forward, we must consider the threat of a possible pandemic influenza epidemic as part of our business continuity and risk management planning. The FBIIC and the FSSCC have formed working groups to focus on the potential impact that a pandemic flu may have on the financial services sector. Working together we will meet this challenge as we will continue to fight the war on terrorism.

As we saw on the fateful morning of September 11^th 2001, American financial institutions are symbols of our freedom and democracy both at home and throughout the world. To the people of this great nation, these institutions are sources of trust and confidence -- giving life to the great promise of achieving the American dream. Whether it is starting a new business or buying a home or opening a college savings account, our financial institutions embody the American way of life – a way of life that these terrorists want to destroy.

We are not alone as targets of this evil. As we've seen throughout the world in places such as London, Madrid, Bali, Jakarta, Istanbul, Nairobi, and Baghdad, these terrorists will strike innocents wherever they congregate and will use these attacks to recruit greater numbers to their organizations. Nor shall we assume that since there have not been direct attacks on our soil since 9-11 we can become complacent. As recent arrests in London remind us, we remain at war against terrorists that wish to destroy those that embrace our values of freedom.

Five years after 9-11, we remain vigilant and we remain committed to fighting terrorism. In the words of Winston Churchill "One ought never to turn one's back on a threatened danger and try to run away from it. If you do that, you will double the danger. But if you meet it promptly and without flinching, you will reduce the danger by half."



	September 12, 2006 hp-91 Remarks of D. Scott Parsons, Deputy Assistant Secretary (Critical Infrastructure Protection and Compliance Policy) U.S. Department of the Treasury Before the Financial and Banking Information Infrastructure Committee/ Financial Services Sector Coordinating Council NEW YORK CITY, NY - Thank you Chris. And thanks to each of you for making the commitment to be here today. Yesterday marked the fifth anniversary of the terrorist attacks of September 11, 2001. The attacks took the lives of thousands of Americans as well as citizens of 48 other countries. It is important to remember the atrocities of 9-11, the victims of 9-11 and their families, and all those who have suffered at the hands of the enemies of freedom and liberty. It is important to remember on anniversaries such as this because it reminds us all of the cost of freedom here in New York, in Washington, in Pennsylvania, across America--and around the world. Freedom is not free. It reminds me of why I signed up for this job after 9-11, and why we have all committed so much time and to this effort. Working together, we have made the United States a safer, more secure, more resilient place to live and work. Each of you has made a difference. I commend you for your knowledge, your tenacity, and your team work, and your hard work to improve the security of the American financial services sector. These efforts have involved the strengthening of public-private partnerships, and together we have made great strides since 9-11 towards improving the security and resilience of the financial services sector in this country. The President has taken historic actions to protect America – our people and our critical infrastructure. Execution of his plan has produced enduring results. President Bush understands the important role of the private sector. In fact, his strategy embraces a public-private partnership. Since September 11^th, President Bush has restructured and reformed the Federal government to focus resources on counterterrorism and to ensure the security of our homeland. Along with creating the Department of Homeland Security, the President established the Homeland Security Council, which is charged with ensuring the coordination of al homeland security-related activities among Executive departments and agencies. The Homeland Security Advisory Council, which includes private sector leaders and their state and local counterparts, was also established to provide recommendations on ways to improve coordination, cooperation, and communication among federal, state and local officials and the private sector. As the lead sector specific agency for the financial services sector, the Treasury works closely with the Department of Homeland Security and the Homeland Security Council, as well as with the other financial regulators and the private sector to address areas of concern to the industry. Developing and sharing accurate and timely information about threats is critically important. Three organizations essential to these information sharing efforts are the Financial and Banking Information Infrastructure Committee (FBIIC), the Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security (FSSCC), and the Financial Services Information Sharing and Analysis Center (FS-ISAC). Through these organizations, the financial services sector has made dramatic improvements to the security and resiliency of our critical infrastructure. The FBIIC, a standing committee of the President's Working Group on Financial Markets, is charged with coordinating federal and state financial regulatory efforts to improve the resilience of the U.S. financial system, in the face of man-made attacks or natural disasters. Treasury Assistant Secretary for Financial Institutions Emil W. Henry, Jr. chairs this committee. The FBIIC has developed emergency protocols which are activated when an incident occurs and has redundant communication systems to increase the speed of information flow among agencies. The FSSCC acts as the private sector group coordinating private sector thinking and actions regarding critical infrastructure resilience. Among its many accomplishments, the FSSCC assists the sector with planning and procedures during crises, testing and simulation exercises, and has coordinated back-up capabilities between the New York Stock Exchange and the NASDAQ Stock Market, allowing each institution to back the other up in case of failure. The FBIIC and the FSSCC work closely together on a number of key initiatives including conducting outreach meetings such as this one throughout our nation. Additionally, these organizations work together to consider emerging threats and identify preventive measures. Understanding that financial institutions need to work closely with local and state officials, we have worked to organize and establish regional coalitions. Two examples of these regional coalitions are FloridaFirst and ChicagoFirst. Through these coalitions, we have seen great progress in coordination and planning on a local and regional basis. They also provide us a single point of contact to give the most up-to-date information directly to institutions during crises. For example, during events such as hurricanes Katrina, Wilma and most recently tropical storm Ernesto, we remained in constant contact with FloridaFirst, sharing the latest projections, assessing the condition of the sector, and standing ready to offer resources where needed. Along with the FBIIC and FSSCC, the FS-ISAC plays a critical role in informing the financial services sector during crises. It is the primary communications mechanism we use to share threat information, and to communicate with the sector during crisis. It currently serves over 8,000 firms nationwide. We have made many improvements in the resiliency of the financial sector, including: Identifying the systemically critical infrastructure and working to remediate any vulnerabilities; Arranging for financial institutions to have priority access to telecommunications, both land based and wireless; Working closely with the private sector and federal, state, and local officials to coordinate protective efforts for the financial sector; Establishing systems and procedures to enable the Federal financial regulators to communicate among themselves and with the private sector during times of crisis as well as promoted industry measures to maintain their own crucial financial communications with each other; Conducting numerous drills and exercises to test backup systems and prepare financial professionals; Working closely with the private sector to share best practices and improve business continuity plans; Created a research and development agenda for the financial sector. The private sector has made substantial investments to improve its resilience. We have much better geographic diversity with the location of backup operating sites now many hundreds of miles away from the primary operating facility. This enables financial institutions to switch their information technology operations to backup facilities very quickly, which preserves the integrity of data and allows for continuation of orderly transaction processing. This also provides better redundancy for key dependencies, such as telecommunications and electricity. Additionally, regular testing of systems and plans, combined with cross-training of key employees, helps to ensure continuity of operations. As recent history demonstrates, our efforts to make financial institutions resilient against terrorism helps to improve our sector's stance against all hazards, be they intentional or unintentional, man made or natural. These collective efforts take us far towards ensuring the confidence in the availability of our markets and the strength of our economy remains warranted. Moreover, the resolve and spirit of the employees that work for our institutions is why we are accomplishing our goals. That said, there are still great threats looming. Looking forward, we must consider the threat of a possible pandemic influenza epidemic as part of our business continuity and risk management planning. The FBIIC and the FSSCC have formed working groups to focus on the potential impact that a pandemic flu may have on the financial services sector. Working together we will meet this challenge as we will continue to fight the war on terrorism. As we saw on the fateful morning of September 11^th 2001, American financial institutions are symbols of our freedom and democracy both at home and throughout the world. To the people of this great nation, these institutions are sources of trust and confidence -- giving life to the great promise of achieving the American dream. Whether it is starting a new business or buying a home or opening a college savings account, our financial institutions embody the American way of life – a way of life that these terrorists want to destroy. We are not alone as targets of this evil. As we've seen throughout the world in places such as London, Madrid, Bali, Jakarta, Istanbul, Nairobi, and Baghdad, these terrorists will strike innocents wherever they congregate and will use these attacks to recruit greater numbers to their organizations. Nor shall we assume that since there have not been direct attacks on our soil since 9-11 we can become complacent. As recent arrests in London remind us, we remain at war against terrorists that wish to destroy those that embrace our values of freedom. Five years after 9-11, we remain vigilant and we remain committed to fighting terrorism. In the words of Winston Churchill "One ought never to turn one's back on a threatened danger and try to run away from it. If you do that, you will double the danger. But if you meet it promptly and without flinching, you will reduce the danger by half."