js-1031: Remarks of <script type="text/javascript"> var wmNotice = "UNT Web Archive - External links, forms, and search boxes may not function within this collection. Url: http://www.treasury.gov/press/releases/js1031.htm time: 0:40:41 May 15, 2009"; var wmHideNotice = "hide"; var contextRoot = "https://webarchive.library.unt.edu/eot2008/"; </script> <script type="text/javascript" src="https://webarchive.library.unt.edu/eot2008/js/disclaim.js"></script> <BR>Michael A. Dawson<BR>Deputy Assistant Secretary<BR>for<BR> Critical Infrastructure Protection and Compliance Policy<BR> at the Fourth E-Gov Homeland Security Conference<BR>Washington, D.C.



	FROM THE OFFICE OF PUBLIC AFFAIRS To view or print the PDF content on this page, download the free Adobe® Acrobat® Reader®. December 3, 2003 js-1031 Remarks of Michael A. Dawson Deputy Assistant Secretary for Critical Infrastructure Protection and Compliance Policy at the Fourth E-Gov Homeland Security Conference Washington, D.C. Thank you for this opportunity to address the economic risks associated with terrorism. This is an issue that is very important to the Department of the Treasury. At the Treasury, we are responsible for developing and promoting policies that create jobs and improve the economy. We are equally concerned with developing and promoting policies that enhance the resiliency of the economy, policies that minimize the economic damage and speed economic recovery from a terrorist attack. In addition to these general responsibilities, the President has named Treasury as the lead agency to enhance the resiliency of the critical financial infrastructure. These two responsibilities are closely related. As Secretary Snow has said, the financial system is the engine of our economy. In a very real sense, the resilience of the American economy depends on the resilience of the American financial system. Fortunately, we are starting from a very strong base. The American economy is remarkably resilient. Over the past few years, we have seen that resilience first hand, as the American economy withstood a significant fall in equity prices, a recession, the terrorist attacks of September 11, a rash of corporate governance scandals, and power outage of August 14-15. There are many reasons for the resilience of the American economy. Good policies have played an important part. So has the resilience of the American people. One of the reasons we are so strong is that our people are so tough, so determined to protect our way of life. Like the economy as a whole, the American financial system is remarkably resilient. During the power outage in August that affected cities from Cleveland to New York City, for example, the financial system performed extraordinarily well. With one exception, the bond and major equities and futures markets were open the next day at their regular trading hours. Major market participants were well prepared, having invested in contingency plans, procedures, and equipment such as backup power generators. This resilience mitigates the economic risks of terrorist attacks, both to the financial system itself and to the American economy as a whole. Although we are starting from a strong base, the fact remains that we are still exposed to significant risks of economic disruption from terrorist attacks. Four principles guide our efforts to manage these risks. These principles guided our decisions as the financial system recovered from the attacks of September 11th. They guide our actions still. The first principle is to remember that the financial system is really about people. People, not buildings or computers, produce financial services. And it is people who benefit from financial services. We depend on people to run the financial system. We need these people – tellers, technicians, loan officers, technicians, technologists – to see the system through times of stress. Indeed, it was the commitment of these professionals to their institutions, customers, and colleagues that helped the financial system recover from the attacks of September 11th and weather the power outage of August 14-15. Just as we depend on people to run the financial system, people depend on the financial system to run. Virtually every American depends on financial services to get their paycheck, buy their groceries, purchase a house, finance their children's education, or save for retirement. We must ensure that people continue to have confidence that the financial system will meet their needs. The second principle is the importance of maintaining confidence. Confidence in the ability of financial institutions to clear checks, execute transactions, and satisfy insurance obligations helps the system weather significant disruption from evolving threats. By relying on a sound financial system, Americans can make business decisions for the future and conduct necessary business in the present. The third principle is to ensure that the financial system remains accessible and open for business when the safety of the employees permits. During times of disaster, investors depend on markets to price the impact of the disruption on assets. The longer markets are closed, the longer investors must go without knowing what the impact will be. This uncertainty can itself be harmful to the economy, compounding the impact of any disruption. The sooner we can eliminate this uncertainty, the more we can mitigate the impact and speed recovery. Fourth, we want to promote responsible decision-making and problem-solving within the private sector. Financial institutions should make the appropriate decisions without waiting for guidance from Washington. After all, it is the private sector that owns and operates the majority of the financial systems. And it is the private sector that best knows how to help these systems recover from a disruption. We will help when needed, but we intend for the private sector to find the necessary solutions. These are the principles that guide our actions in managing the risks of terrorism to our financial system. But what are our actions? Let me highlight just three. First, we have helped to develop a next generation Financial Services Information Sharing and Analysis Center (FS/ISAC). Since 1999, the FS/ISAC has been a leader in information sharing for the financial sector, allowing members to receive and submit anonymous reports on security threats and solutions. The FS/ISAC, however, has been limited in scope. It focused primarily on cyber threats. And it served only 56 financial institutions, albeit 56 of the biggest ones. In addition, Congress has expressed concern over the technological capabilities of the FS/ISAC. Shortly, Treasury will help launch a new and improved FS/ISAC. This next generation FS/ISAC will include both cyber and physical threat information; serve the entire sector, not just 56 large institutions; and deploy a secure, confidential technology platform where companies can exchange information in real time as they identify vulnerabilities, address the vulnerabilities, and respond to attempts to exploit the vulnerabilities. Second, we have recently reached an agreement with Assistant Secretary Patrick Hughes of the Department of Homeland Security to detail an expert in financial services issues to the Information Analysis directorate of the Homeland Security Department. Initially, this person will be a Department of the Treasury employee. Over time, however, we will rotate other employees from other financial regulators through the Department. In so doing, we will ensure that financial services issues and perspectives are considered early in the process of evaluating information about terrorist threats. The resulting product will help federal, state, and local authorities better protect our financial infrastructure. As important, when we are able to share that information with the private sector, it will help the owners and operators of that infrastructure better manage risks. Third, we have developed proven procedures for secure communications between federal and state financial regulators. During times of crisis, these communications procedures help financial regulators share information about the impact of an event on the financial institutions regulated by that regulator. By pooling information about the impact of a disruption, we can together form a quick, accurate assessment of the overall impact of an event on the financial sector as a whole. This information helps guide our action as regulators. But, more importantly, we can share the information with financial institutions and help them better weather the disruption. This system worked in real time during the power outage of August 14-15 and its results were summarized in a report to Congress in October of 2003. (The report is available at http://www.treas.gov/offices/domestic-finance/financial-institution/cip/pdf/impact.pdf) These are but three of our recent actions. They highlight the importance we place on developing accurate and timely information about threats and sharing that information with the private sector. As more and better information about the threats they face becomes available, the people in the private sector who own and operate our financial infrastructure can better estimate the risks they bear. Furthermore, they can better invest to reduce the probability of a threat against their infrastructure, thereby lessening the consequences that a disruption might pose.