[House Hearing, 110 Congress] [From the U.S. Government Publishing Office] THE RESILIENT HOMELAND: BROADENING THE HOMELAND SECURITY STRATEGY ======================================================================= HEARING before the COMMITTEE ON HOMELAND SECURITY HOUSE OF REPRESENTATIVES ONE HUNDRED TENTH CONGRESS SECOND SESSION __________ MAY 6, 2008 __________ Serial No. 110-110 __________ Printed for the use of the Committee on Homeland Security [GRAPHIC] [TIFF OMITTED] Available via the World Wide Web: http://www.gpoaccess.gov/congress/ index.html __________ U.S. GOVERNMENT PRINTING OFFICE 42-876 PDF WASHINGTON DC: 2008 --------------------------------------------------------------------- For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov Phone: toll free (866)512-1800 DC area (202)512-1800 Fax: (202) 512-2250 Mail Stop SSOP, Washington, DC 20402-0001 COMMITTEE ON HOMELAND SECURITY Bennie G. Thompson, Mississippi, Chairman Loretta Sanchez, California Peter T. King, New York Edward J. Markey, Massachusetts Lamar Smith, Texas Norman D. Dicks, Washington Christopher Shays, Connecticut Jane Harman, California Mark E. Souder, Indiana Peter A. DeFazio, Oregon Tom Davis, Virginia Nita M. Lowey, New York Daniel E. Lungren, California Eleanor Holmes Norton, District of Mike Rogers, Alabama Columbia David G. Reichert, Washington Zoe Lofgren, California Michael T. McCaul, Texas Sheila Jackson Lee, Texas Charles W. Dent, Pennsylvania Donna M. Christensen, U.S. Virgin Ginny Brown-Waite, Florida Islands Gus M. Bilirakis, Florida Bob Etheridge, North Carolina David Davis, Tennessee James R. Langevin, Rhode Island Paul C. Broun, Georgia Henry Cuellar, Texas Candice S. Miller, Michigan Christopher P. Carney, Pennsylvania Yvette D. Clarke, New York Al Green, Texas Ed Perlmutter, Colorado Bill Pascrell, Jr., New Jersey Jessica Herrera-Flanigan, Staff Director & General Counsel Rosaline Cohen, Chief Counsel Michael Twinchek, Chief Clerk Robert O'Connor, Minority Staff Director (II) C O N T E N T S ---------- Page Statements The Honorable Bennie G. Thompson, a Representative in Congress From the State of Mississippi, and Chairman, Committee on Homeland Security.............................................. 1 The Honorable Peter T. King, a Representative in Congress From the State of New York, and Ranking Member, Committee on Homeland Security.............................................. 2 The Honorable Sheila Jackson Lee, a Representative in Congress From the State of Texas........................................ 3 Witnesses The Honorable Stewart A. Baker, Assistant Secretary for Policy, Department of Homeland Security: Oral Statement................................................. 4 Prepared Statement............................................. 6 Dr. Yossi Sheffi, Professor of Engineering, Massachusetts Institute of Technology: Oral Statement................................................. 9 Prepared Statement............................................. 11 Mr. Erroll G. Southers, Assistant Chief, Homeland Security and Intelligence Division, Los Angeles World Airports Police Department: Oral Statement................................................. 13 Prepared Statement............................................. 15 Ms. Susan R. Bailey, Ph.D., Vice President, Global Network Operations Planning, AT&T, Inc.: Oral Statement................................................. 22 Prepared Statement............................................. 24 Ms. Mary Arnold, Vice President--Government Relations, SAP America: Oral Statement................................................. 27 Prepared Statement............................................. 29 Appendix Questions From Honorable Mike Rogers............................. 55 THE RESILIENT HOMELAND: BROADENING THE HOMELAND SECURITY STRATEGY ---------- Tuesday, May 6, 2008 U.S. House of Representatives, Committee on Homeland Security, Washington, DC. The committee met, pursuant to call, at 10 a.m., in Room 311, Cannon House Office Building, Hon. Bennie G. Thompson [chairman of the committee] presiding. Present: Representatives Thompson, Harman, Lowey, Norton, Jackson Lee, Christensen, Etheridge, Cuellar, Carney, Green, Pascrell, King, Lungren, Rogers, Reichert, Dent, and Miller. Chairman Thompson. The Committee on Homeland Security will come to order. I would like to thank Ms. Jackson Lee for agreeing to tentatively step in in place of the Chair in case my flight did not get in, but believe it or not, we got in on time. Thank you very much, Ms. Jackson Lee, for agreeing. The committee is meeting today to receive testimony from the Department of Homeland Security and from key stakeholders to better understand their efforts to communicate, to coordinate and to collaborate on resilience as a critical part of their mission and operation. I would like to welcome this panel of esteemed individuals who are here to testify before the Committee on Homeland Security about resiliency. As the world becomes increasingly more flat, a primary distinction between a competitive nation and those nations left behind will be a nation's resilience. ``Resilience'' is commonly defined as the ability to recover or adjust easily to misfortune or to change. As it relates to the Department and its functions, resilience is a practice which will allow a quick return to effective, if not 100 percent normal, operations in the wake of an attack or a disaster. Today, we will hear from key partners on this issue--the private sector, one of the country's busiest airports and a leading airport--on resilience. Our Nation's success is in the hands of our critical partners, and we have a role to play. Of the Nation's critical infrastructure, 85 percent, is owned or operated by the private sector. The business community must have cutting-edge technology in order to effectively bounce back. Colleges and universities must provide sound research on the latest technologies and must develop curricula to train the next generation of homeland security experts. Under my leadership, the committee has taken steps to further the resilience of our Nation's critical infrastructure. Understanding that we all have a role to play, this committee has taken the lead on making the necessary legislative changes. Earlier this year, the committee adopted and reported out the Chemical Facility Antiterrorism Act of 2008, which included the promotion of inherently safer technology to lower the possible consequences of an attack or of an accident at a facility. Last year, H.R. 1, or the 9/11 bill, was signed into law, and it included a title that promotes the Private Sector Preparedness Voluntary Certification Program, which encourages stakeholders to adopt standards that ensure effective continuity. Just last week, the Subcommittee on Emergency Communications, Preparedness, and Response marked up H.R. 5890, the Citizen and Community Preparedness Act of 2008, a bill that supports citizen preparedness, which is the cornerstone of a resilient homeland. On the other hand, since 9/11, this administration has focused solely on preventing the next attack as opposed to how best to recover should an incident occur. That, of course, is not the best approach. We must ensure that the Department is properly communicating, collaborating and coordinating with key stakeholders and critical partners to make sure that we, as a Nation, are prepared for what to do after an attack. Resilience offers an effective metric: time. We know that companies can measure how long they will be down in the wake of a particular disaster and can work to minimize that time. So it makes sense that the ability to measure downtime makes resilience a good security policy. Simply put, the longer our economic sector is down, the more the terrorists will brag that they are successful. I know that resilience is not universally applicable, but where it is resilient, the Department must promote resilience. In closing, promoting resilience requires honesty with the American people. It is through that honesty that we can provide this Nation's citizens with freedom from fear. It also ensures the involvement of critical stakeholders and keeping America strong. The Chair now recognizes the ranking member of the full committee, the gentleman from New York, Mr. King, for an opening statement. Mr. King. Thank you, Mr. Chairman. I am glad you made your plane. It is always good to have you here. Very seriously, I want to thank you for holding this hearing. Obviously, resiliency is an important component of the whole homeland security effort. As you pointed out in your remarks, 85 percent of the infrastructure--of the critical infrastructure, is privately owned; and that is probably what separates or that is probably the largest distinction between homeland security and the traditional overseas threats we face. Until September 11, certainly our concept of security was that we would have the military protect us, and it was primarily an overseas operation, done through the Defense Department. With Homeland Security, we realize how much of a factor not just local governments have but also private industry, the private sector. You are right, resilience is absolutely essential if we are to prevail against terrorism in all its forms. Of course, the longer we are down, the greater the victory it will be for an Islamic terrorist attack. Now, certainly in New York, we have seen resiliency. We saw the police and firefighters after September 11. We saw the New York Stock Exchange open within approximately 1 week of the attacks on the World Trade Center. We saw the clearing of the area at Ground Zero in less than 8 months when people were projecting 2 years, but the fact is, more can be done, more must be done. I know the Department of Homeland Security works within the whole concept of continuity of government. Certainly we in the Congress have to work also on the continuity of government. There are so many elements to this, as to how long it can take us and the various sectors to bounce back as quickly as possible. So I look forward to the testimony. I want to especially, on a side note, thank Secretary Baker for the work he has done lately as far as certain 9/11 victims in New York. It took a lot of guts and ingenuity on your part. I truly appreciate that, and I will do all I can to support your efforts as we go forward. With that, I yield back, and I look forward to the testimony. Chairman Thompson. All members of the committee are reminded that, under committee rules, opening statements may be submitted for the record. [The statement of Hon. Jackson Lee follows:] Prepared Statement of Hon. Sheila Jackson Lee As we approach the 7-year anniversary of the attacks on September 11, 2001, and the 3-year anniversary of Hurrican Katrina, one of the most devastating hurricanes in our Nation's history, and reflect upon the Federal Government's response, I think it is a very appropriate time to critically re-examine our capacity for response, recovery, and resilience. Of the Nation's critical infrastructure assets, 85% are owned or operated by the private sector. Furthermore, a February 2006 report entitled ``The Federal Response to Hurricane Katrina: Lessons Learned'' states that the Federal Government should recognize that the private sector often performs certain functions more efficiently and effectively than the government because of the expertise and experience in applying successful business models. Thus, the private sector plays an integral role in our resilience efforts. However, we also need to hear from DHS because we cannot only rely on private solutions to public harms. The government should not abrogate its responsibility over the general welfare of its citizens, and all levels of government (Federal, State, and local) must do a better job of coordinating and ensuring that recovery, response, and resilience efforts are made and delivered in a more comprehensive and efficient manner in the wake of attacks, disasters, or disruptions. DHS must lead the effort to implement policies which mitigate the effects of an attack, disaster, or disruption and ensure that people, systems, and assets are operating effectively immediately after such an eventuality. Chairman Thompson. Let me at the outset ask that, if you have a cell phone, please put it on vibrate or Mr. Twinchek is authorized to handcuff whoever's phone rings and will drag him out of the committee room. Please, honor our rules. Phones are not to be on audible, and we will hope that you will respect the rules. I welcome our panel of witnesses. Our first witness, the Honorable Stewart Baker, is Assistant Secretary for Policy at the Department of Homeland Security. Mr. Baker will discuss how the Department is promoting resilience and is communicating, coordinating and collaborating with critical stakeholders. Our second witness, Dr. Yossi Sheffi---- Mr. Sheffi. Close enough. Chairman Thompson. Close enough? All right--is a Professor of Engineering at the Massachusetts Institute of Technology. He is an expert in promoting resiliency, who will discuss the importance of investing in resilience, which can result in heightened security and can help stakeholders gain an economically competitive advantage. Our third witness is Erroll Southers, Chief of Homeland Security and Intelligence, Los Angeles World Airports Police Department. Chief Southers will demonstrate how local governments are implementing policies of resilience to ensure the continuity of operation. Our fourth witness is Dr. Susan Bailey, Vice President of Global Network Operations Planning, AT&T. Dr. Bailey will outline how her company's approach to protecting its network and in responding to disasters is a best practice model. Our fifth witness is Mary Arnold, Vice President, Government Relations, SAP America. Ms. Arnold will broadly discuss resilience and the global supply chain. The committee is pleased to have you here as our panel of witnesses. Without objection, the witnesses' full statements will be inserted in the record. I now recognize each witness to summarize their statements for 5 minutes, beginning with Assistant Secretary Baker. STATEMENT OF HON. STEWART A. BAKER, ASSISTANT SECRETARY FOR POLICY, DEPARTMENT OF HOMELAND SECURITY Mr. Baker. Thank you, Chairman Thompson, Ranking Member King and distinguished members of the committee. I am pleased to appear before you today to talk about how the Department of Homeland Security can build a resilient homeland. Everyone, I believe, understands the Department's primary mission to be preventing acts of terrorism; we must make every effort to stop an attack. But I think everyone also recognizes that that is not enough. We have to do more. We have to recognize that stopping every terrorist attack may not be possible, and certainly, we are not going to stop every natural disaster. That means that we have to be prepared. We have to plan for and be prepared for what happens the day after, the hour after, the minute after an attack or a natural disaster. We have to be prepared in a way that allows us to bounce back quickly from the consequences of the attack or the disaster. That is ``resilience,'' and it is a vital part of our mission as the Department of Homeland Security. I want to begin by giving credit to the committee for having a hearing on this topic. It is an absolutely essential topic. It is one that should inform every aspect of the Department's policy, and it is not something that receives attention every day. We are looking forward to the month of hearings that will address these issues across the board at the Department. As we have thought about how to promote resilience, at least in the Department, we have begun with what we think are our strengths as a Nation. We are a free and independent people, and we are served by a free market, and those actually turn out to be the central elements of a resilient response to disaster. There is no government in the world that can respond as creatively and as quickly as individuals who are concerned with the well-being of their families, of their businesses and of their communities. What we need to do as a government is to play a role that allows those individuals, that allows those businesses to respond quickly and creatively on their own to disasters, but in a framework that we have created that will encourage creativity and will give people the tools that they need to respond. So, as we have thought about resilience, we think of it in terms of providing tools, including new technologies, to individuals and businesses so they can respond creatively as individuals and businesses; and second, creating the kind of order and infrastructure that allow people to focus on the response to the disaster and not on self-protection, not on simply trying to make their telephones work. I will give just two examples of the kinds of things that we think contribute to resilience; and then, of course, after the opening statements, I will be glad to elaborate in response to questions. Information: The kinds of information that people need to respond on their own, and creatively, to disasters, I think was vividly illustrated during the California wildfires that we had just recently when the government used reverse 911 to send warnings to people, based on where their homes were, about the progress of the fires so that they could send them evacuation messages that were tailored specifically to where they were. That is the taking of technology we are very familiar with, 911, flipping it around and using it to send messages to people so they can evacuate on their own instead of the government's taking responsibility for trying to evacuate each person. Reverse 911 is, I think, just an example of the kinds of technologies that we can make available to people in a disaster that will allow them to respond much more flexibly. The other kinds of technologies that we are hoping to bring to bear to foster resilience include instant messaging, short message service--SMS texting, it is called, for those of you who do not have teenage children--geographic information systems and video, Google maps, and Twitter--blogging by cell phone. All of those are tools that, in an emergency, can help people respond, to understand where the danger is, what kinds of responses are available and that can allow them to quickly self-organize and self-rescue. The government also, I think, has a role--in addition to sponsoring some of these new technologies--in providing the infrastructure of order and the basic communications techniques that people will need in order to most effectively self- organize and self-rescue. I think we all remember many of the difficulties that were faced during the Katrina effort, to recover from Katrina, and the concerns that were raised by public order breakdowns and the extent of the effort that people put into protecting themselves from what were thought to be breakdowns in order. We are looking at the possibility--and I have asked the Assistant Secretary for State and Local Law Enforcement to look at it--of using volunteers from other State and local law enforcement agencies to come to the rescue of neighboring jurisdictions that need urgent assistance. I will stop there, and I will be glad to answer questions. Chairman Thompson. Thank you. We will allow you to elaborate during the question and answer period. [The prepared statement of Mr. Baker follows:] Prepared Statement of Stewart Baker May 6, 2008 Chairman Thompson, Ranking Member King, and distinguished members of the Committee, I am pleased to appear before you today to discuss how the Department of Homeland Security (DHS) can build a resilient homeland. resilience Stopping terrorism is a key mission of the Department of Homeland Security. We must make every effort to prevent an attack, but we must do more. As a Nation, we must be able to withstand a blow and then bounce back. That's resilience. Along with planning and preparation, resilience is a part of our approach to homeland security. Resilience is stressed in the administration's recently-released, second-generation National Strategy for Homeland Security, as well as the National Response Framework and the National Incident Management System. Resilience--of our people, our infrastructure, our economy, our entire Nation--is an essential element of ensuring the safety and security of the homeland. Some say that we need to characterize our national efforts to secure the homeland as ``resilience,'' as opposed to ``preparedness,'' or even ``homeland security.'' We should not spend too much time on a purely semantic argument, but there is no doubt that resilience-- described by some as our ability to ``bend but not break,'' or the ability to absorb the impact of a catastrophe without losing the capacity to function--represents an important dimension in our security efforts. A focus on resilience has value in part because it forces us to acknowledge the limits of government capability. It requires us to admit that some disasters cannot be avoided. It also requires us to acknowledge that, faced with disaster, most of our citizens, businesses, and other institutions will take action to rescue themselves and others. No government can respond as quickly and as creatively as individuals concerned with the well-being of their families, their businesses, and their communities. That is the source of our resilience as a country. While government plays a crucial role as well, perhaps its most important role is creating conditions that allow the creativity and ingenuity of individuals and businesses to flourish. At the end of the day, building a resilient homeland requires us to trust our citizens. We must inform them--and trust them to inform others. We must equip them with the right tools and technologies--and trust them to use those tools to help themselves and others. I would like to highlight three concrete ways in which the Federal government is creating conditions that foster national resilience: (1) Disseminating information that allow individuals to act quickly and wisely; (2) maintaining order; and (3) ensuring the availability of a core infrastructure that individuals will rely on. For the remainder of this testimony, I will offer examples, based on past and present threats, of ways that DHS is creating these three preconditions for a resilient Nation. information Ordinary American citizens are our strongest asset in protecting the Nation and ensuring our common security. In order to maximize this potential, however, citizens need information so they can make informed decisions. We can unlock powerful, self-organizing responses to disasters if we can get good information to individuals quickly. New technologies are creating new ways to deliver good information about disasters to the people who need it most. Our job is to identify these technologies and deploy them where they will do the most good. When confronted with emergencies or natural disasters, such as the wildfires that raged through San Diego and Los Angeles counties last October or the tornadoes that hit the southern United States, residents often dial 911 as their first course of action. They are seeking timely and accurate information. There's nothing new about that. But national reverse 911 capability is new, and it is the kind of technology that fosters resilience. Developed by a private company, Reverse 911 uses a combination of database and GIS mapping technologies to deliver outbound warnings to communities and organizations at risk. Reverse 911 played a key role in rescue efforts during the California fires. Automated alert messages were sent to thousands of people simultaneously, warning those who were in the path of rapidly advancing fires. Those citizens then took informed action on their own, providing greater resilience in the face of the threat. A number of Federal agencies, including DHS, the Department of Transportation, and the Federal Communications Commission, are working on initiatives to make 911 systems more robust, with ability to seamlessly link in advanced technologies with better backup capacity and recovery capabilities. ``Next Generation E911'' refers to the technologies, such as voice over IP (VOIP); instant messaging, short message service messaging, Wi-Fi, geographic information systems and video, that will allow a broader array of interconnected networks to comprehensively support emergency services--from public access to those services, to the facilitation of those services, to the delivery of the emergency information to dispatchers and first responders. A resilient response depends not just on individual citizens but on businesses. If disaster strikes a major refinery in the United States, we could rely on government agencies in Washington to divert supplies from elsewhere to cover the needs of the stricken refinery's customers. Or we could rely on the marketplace to make the adjustments that are needed. In most cases, the marketplace will be more adaptive and more resilient than a response that depends on government. But, like individuals, businesses are likely to need information that is in the hands of government. To create the conditions for resilience, government needs to communicate reliable, timely, and factual information to businesses. That is the goal of Ready Business, part of the Department's Ready campaign, a national public service advertising campaign designed to educate and empower Americans to prepare for and respond to emergencies. Ready Business provides guidance to small- to medium-size businesses regarding which tools and resources are necessary to plan to stay in business, talk to their employees, and protect their investment. In preparing for incidents that might affect the flow of trade across our borders, the Department has worked with the private sector through venues like the Commercial Operations Advisory Committee and the Trade Support Network to collect information on what the trade community needs to know to make decisions following an incident that affects the flow of trade. U.S. Customs and Border Protection (CBP) created a web-based communication framework to ensure that we can get pertinent information to stakeholders as soon as it becomes available. It is called the Unified Business Resumption Message and it is available on the CBP website as well as via Remote Subscription Service. While this message template was originally created for the land environment, it has now been tailored to specific modes and there are six live websites for northern and southern border highway and rail, air and maritime. This message is also available through List Serve e-mail based messaging, which sends mode specific messages to the e-mail subscriber. Sometimes the information people need is not about a fast-moving crisis; sometimes they need information about how to prepare for a particularly dangerous new risk. For instance, there are biological risks, natural or manmade, that fall outside the ordinary experience of the American public. If we expect the public to respond creatively and effectively to these risks, we need to give them the information they need about the risk. At the same time, biological risks are a classic example of a problem that requires a responsible, resilient response by individuals. Relying entirely on government to address the risk is the opposite of resilience. Let me explain by looking at a biological risk that is of particular concern--an anthrax attack. If the United States suffers an aerosolized anthrax attack, a few hours could make a tremendous difference in the attack's magnitude. Studies indicate that the most prudent response to such an attack is for those who were exposed to take ciprofloxacin or doxycycline.\1\ \2\ \3\ If that is done within 48 hours of exposure, practically everyone will recover. After two days, though, every day of delay means additional casualties. In fact, if medication is delayed by five days, a large majority of those who were exposed will die. So we need to get medicine into our citizens' hands almost immediately after an attack. --------------------------------------------------------------------------- \1\ ``Public Health Response to an Anthrax Attack: An Evaluation of Vaccination Policy Options''; Prasith Baccam and Michael Boechler, Biosecurity and Bioterrorism: Biodefense Strategy, Practice and Science, vol. 5, no. 1, 2007, pp. 26-34. \2\ ``Emergency Response to an Anthrax Attack''; Lawrence M. Wein, David L. Craft, and Edward H. Kaplan, Proceedings of the National Academy of Sciences, April 1, 2003. \3\ ``Systematic Review: A Century of Inhalational Anthrax Cases from 1900 to 2005''; Holty, Bravata, Liu, Olshen, McDonald, Owens, Annals of Internal Medicine, American College of Physicians, February 21, 2006, vol. 144, no. 4, pp. 270-280. --------------------------------------------------------------------------- What is a resilient response to this problem? Not, I submit, a response that depends entirely on government. Any response that completely relies on the government to distribute medicine to people is fragile. Every organizational failure--every delay in delivering the medicine, every confusion about who will take which pallets to which distribution centers, every miscommunication about where citizens should go to get their supplies--could result in loss of life. That is the opposite of resilient. Instead, we need to provide citizens with the information they need to respond individually and responsibly to the threat. To the extent possible, we need to encourage citizens to prepare in advance by responsibly maintaining their own supply of cipro or doxy for use in an anthrax emergency. There are risks in an approach that trusts citizens to treat such a supply responsibly. Overuse of antibiotics has severe public health consequences. But so would an aerosolized anthrax attack. DHS is working with Health and Human Services (HHS) to identify the best options for making sure that public citizens, first responders, and federal employees have cipro/doxy in case of an aerosolized anthrax attack. We are considering all options, including an FDA-approved emergency home medical kit, but that might be several years down the road. order Resilience also depends on our ability to maintain order. If our citizens do not have confidence that they will be safe, that social order will be maintained, then their energies will be concentrated on protecting themselves from a breakdown in social order and not on responding to the disaster itself. The more confident Americans are in government's ability to ensure order, the more resilient our society becomes. As our National Strategy for Homeland Security explains, we are continuing to develop and strengthen comprehensive and effective continuity programs to ensure the preservation of our government under the Constitution and the continuing performance of national essential functions--those government roles that are necessary to lead and sustain the Nation during and following a catastrophic emergency. A national approach to continuity also requires that State, local, and Tribal governments work to ensure that they are able to maintain or rapidly resume effective functioning during and after catastrophic incidents and are able to interact effectively with each other and the Federal Government. Likewise, we strongly encourage the private sector to conduct business continuity planning that recognizes interdependencies and complements governmental efforts--doing so not only helps secure the United States, but also makes good long-term business sense for individual companies. Such integrated and comprehensive planning is essential to protecting and preserving lives and livelihoods and maintaining our robust economy during crises. In many cases, local and State forces are entirely sufficient to maintain order in the midst of a disaster. But some disasters will strain those resources past the breaking point. To address that problem, as directed by Congress, we are studying the efficacy of establishing specialized law enforcement deployment teams (LEDTs) from neighboring jurisdictions who would be available to assist State, local, and tribal governments in responding to natural disasters and acts of terrorism. We know that the best people to assist State and local law enforcement in restoring and maintaining order are other State and local law enforcement officers. These LEDT teams could be designed to help avoid the confusion that resulted when law enforcement agencies from around the country responded to Hurricane Katrina in an unorganized manner. Without a coordinating mechanism, Louisiana and New Orleans law enforcement teams were forced to deploy out-of-State law enforcement units ``on the fly'' rather than requesting the specific teams they needed. LEDTs could help provide an organized system that would allow State and local law enforcement to assist each other in quickly resuming normal police services to an area hit by a terrorist attack or natural disaster. infrastructure Finally, the ability of individuals to respond quickly to crises will be greatly enhanced if they can rely on certain core infrastructure. An old way of thinking about ensuring the ability of key infrastructure to survive terrorist attacks or natural disasters involved investing in redundant and duplicative infrastructure. As noted in our updated homeland security strategy, however, we must instead focus on the resilience of whole systems--an approach that centers on investments that make systems better able to absorb the impact of an event without losing the capacity to function. While this might include the building of redundant assets, resilience is often attained through the dispersal of key functions across multiple service providers, flexible supply chains, and related systems. No infrastructure is more important to a resilient, self-organizing response than telecommunications and information networks. To build a resilient response, we need to make sure that these networks continue to function in a crisis. Take the example of a pandemic and dangerous influenza. We know that one is almost certain to strike again, though we don't know when. The pandemic of 1918 had a larger impact on the population of the United States than any other single event in the twentieth century. One of the lessons we learned from that pandemic was the value of social distancing. Those communities with the most disciplined social distancing regimes exhibited the lowest overall mortalities. Social distancing may be even more important in a future pandemic. Information networks can make social distancing more practical. Telecommuting via the Internet will allow Americans to keep the economy functioning while avoiding crowds and contagion. However, for technology-enabled distancing to work, information technology infrastructure must have the capacity to support a large number of telecommuters. We must also consider how to ensure that the network's bandwidth is not oversubscribed in an emergency. We must also make sure that the infrastructure can withstand attacks made over our networks. DHS understands that determined and well-resourced cyber adversaries can find their way into most networks. Improving the resilience of private industry and the government to limit the duration and mission impact of successful attacks or cyber incidents is thus a core component of our overall strategy. Currently, DHS and the Department of Treasury are working with the Financial Services Sector Coordinating Council Subcommittee for Research and Development, along with ChicagoFIRST, an organization dedicated to improving the resilience of financial infrastructure in Chicago, to develop a risk management tool for the finance sector. This tool is designed to help create a computer simulation of a financial enterprise and its value chains, and how different financial institutions interconnect with others. Once it is finalized, the tool will allow organizations to create and run multi-party disruption scenarios tailored to their individual business models, using their own proprietary data as well as generic data for the rest of the financial sector. In this way, they can find out specifically how a cyber security event or attack will affect not only their own business, but also learn how the responses of other institutions (including the government) might impact themselves, other in their value chain, and in the sector at large. This improves resilience because it helps ensure all institutions that share a common cyber security incident will make informed response decisions that solve the problem with as little negative impact on the sector as possible. No single financial company would build such a tool and share it with competitors. However, because of support from DHS, the entire financial sector will be able to improve its resilience by being able to assess and protect itself against emerging cyber security threats. conclusion As stated in the second-generation Strategy, ``Recognizing that the future is uncertain and that we cannot envision or prepare for every potential threat, we must understand and accept a certain level of risk as a permanent condition.'' Ensuring our Nation's resilience in the face of all threats is an essential element of our risk mitigation strategy. Our citizens are resourceful and creative in responding to disaster. We need to give them the tools that allow them to use that creativity--good information, social order, and a functioning communications network. Chairman Thompson. I now recognize Dr. Sheffi to summarize his statement for 5 minutes. STATEMENT OF DR. YOSSI SHEFFI, PROFESSOR OF ENGINEERING, MASSACHUSETTS INSTITUTE OF TECHNOLOGY Mr. Sheffi. Thank you very much, Mr. Chairman. Thank you very much, committee members. I define ``resilience,'' as was just mentioned, as the ability to bounce back from large-scale disruptions. My comments are based on a large research project at MIT, of 4 years, that resulted in a book called the Resilient Enterprise, that mainly looked at how companies should plan and should work toward bouncing back from large-scale disruption and how their supply chains should bounce back. Before we talk about it, I really have kind of divided all types of disruption into random events--earthquakes, hurricanes, accidents, acts of negligence and, finally, intentional disruptions. Intentional disruptions, of course, are terrorism, but one can learn a lot from industrial action, from sabotage, from lots of other actions when there is a smart adversary on the other side, because those are different. We can talk about why in a minute. Some of the compounding effects when you have large-scale disruptions are--first, in many of these cases, there is public fear. If you think about 911, if you think about SARS, if you think about Chernobyl, you know they are issues of public fear which sometimes lead--this may be less popular here--to wrong government reaction, government reaction that exacerbates the situation--not always, of course, but in many cases. Again, we can talk about many examples from other countries from the United States, where government reaction actually made a situation worse. Two more points: We live in a connected world, and its disruptions usually promulgate very quickly throughout the Nation, throughout the world. Finally, I just want to say that what the probability usually for a specific disruption or for a specific day or for a specific point is very small when one runs a global enterprise like General Motors or Procter & Gamble or Intel. The probability that something happens sometimes is not small at all; it is pretty significant. That kind of leads to the whole notion of resilience. It will happen. It does happen. The question is how to respond. The first step, of course, as was mentioned, is trying to avoid a disruption in the first place. This was the focus of the Department of Homeland Security's specifically looking at terrorist attacks, but if you talk about, you know, random events and accidents, the whole idea there is resilience, how to bounce back, because one can hardly influence the probability or the likelihood of a hurricane's hitting. The question is how to respond to this. In some sense, we are starting to shift our thinking about intentional disruption, like terrorism, to exactly the same mode of thinking. Some of this will happen. How do we respond? It does not have to happen in the homeland. The homeland will be affected by a large-scale disruption of supply chains. It can happen in many other places--in a large port, in a large airport, anywhere in the world. The second step is, of course, implementing a detection system. One thing that was not mentioned--I mean, the worst disruption is not what people think about, a nuclear holocaust, but it is a disruption when the organization under attack does not know that they are under attack until it is too late. Think about a biological agent, a chemical agent, that does not reveal itself until enough people are affected. Basically, when you think about disruption, you think about two ways to prepare for a response. The first one is redundancy; the second is flexibility. Those are really the only two classes of actions that one can take. Redundancy is having extra inventory, extra capacity, an extra of something. It is an expensive way to do it, but we do it in many cases. The other way to think about it is to build flexibility, to build the ability to respond. Now, most of my work is in the private sector, and I have a whole book that talks about how supply chains should build in flexibility so they can respond to all kinds of events regardless of the type of event because the reason for the disruption does not matter. The important thing is that a port is down, a warehouse is down; and when information technology is down, how do you respond to this? So there are a lot of technical ways to respond to this, and I talk about them in my book. Let me just mention a few that have to do with corporate culture. Because aside from all of the technical and how you build processes, there is an issue of how to build corporate culture, which is based on continuous communication, based on distributing power, decision-making power, to the lowest level in the organization. It turns out that many organizations where people are passionate about what they do turn out to be very resilient. There is an element of difference to expertise--again, I do not have time to explain it--when you see it in control towers, in chemical plants, in nuclear plants. When something goes wrong, you see that people suddenly do not pay attention to the managers or to the FAA or whatever. They start taking instructions from the veteran people in the tower. They start taking instruction from the gunny sergeant in the foxhole rather than, you know, from the lieutenant. A good organization, a resilient organization, recognizes it. It allows it. It encourages it. It drills for it. Finally, let me just say that, you know, drilling, conditioning, conditioning for disruption--I mean, when we are in grade school, and we are told what is the theory of getting out if there is a fire, everybody is instructed to go down. So there is nothing like exercising it, drilling it in terms of getting ready. Let me stop here, and I will be happy to answer questions later. Chairman Thompson. Thank you very much for your testimony. [The prepared statement of Mr. Sheffi follows:] Prepared Statement of Yossi Sheffi May 6, 2008 resilience: what it is and how to achieve it \1\ --------------------------------------------------------------------------- \1\ Much more information, including detailed analyses, case studies, numerous examples and recommendations for action are included in my book ``The Resilient Enterprise: Overcoming Vulnerability for Competitive Advantage'' (MIT Press, 2005). --------------------------------------------------------------------------- My research takes a supply chain perspective on corporate preparedness and response to high-impact/low-probability disruptions. The supply chain of an organization includes the enterprise itself as well as the web of companies and entities that support its operations and service delivery. The focus of my writings is on resilience--the ability to bounce back from large scale disruptions. In particular, it demonstrates how investments in resilience can be turned into a competitive advantage. When thinking about the nature of vulnerability and how to build resilience in organizations, one should consider first a framework for defining vulnerability and prioritizing risks. Vulnerability is defined as the combination of disruption likelihood and the resilience of the company to such disruption--whether it can recover and how quickly. This framework can be used to prioritize all the disruption risks a company faces and thus prioritize the planning for response. All disruptions can be traced to several generic causes:Random events. These are natural occurrences such as floods, earthquakes, droughts, etc. Given their frequency, insurance companies can calculate likelihood and create insurance pools. Accidents. Accidents are typically the result of multiple causes. There is, however, a large body of literature on accident avoidance, based on ``near miss'' analysis and the ``safety pyramid.'' The experience which this literature is based on includes the aviation, chemical and nuclear industries. Negligence. Including non-compliance with regulations or standards as well as not paying attention to shifting public attitudes regarding corporate social responsibility. Intentional disruptions. These include terrorist attacks about also industrial actions, industrial espionage and sabotage. Intentional disruptions are different due the ``smart adversary'' on the other side; they adapt when defensive measures are put in place. Compounding effects of large scale disruptions include the following: In many cases there is significant public fear (think about SARS, 9/11, Chernobyl) Government reaction, which has to come quickly in cases involving public fear, may exacerbate the situation (border closer after 9/11; UK response to the foot and mouth disease, Japanese government reaction to the Kobe earthquake, etc.) Living in a connected world, large scale disruptions have cascading effects worldwide While the likelihood of individual disaster is small, the likelihood of some disaster taking place somewhere sometime is not insignificant. The first and most important step in dealing with disruptions is working to avoid them. It is difficult to avoid natural phenomena and there is significant work on avoiding accidents. Avoiding intentional disruptions is the realm of security, however, where one has to focus on the following: Layering the defense; Balancing the defensive measures; Investing in security in accordance with risk (``profiling''); Collaborating across enterprises, agencies and the citizenry; Creating a security culture; Practice, practice, practice. The second step in building resilience is the implementation of a detection system. The most dangerous disruption is the one that is not detected until it is too late. Early detection can trigger early response and, in most cases, a more effective response. Lastly, the planning and preparation should lay the foundations for a collaborative response. Building joint process, getting to know all organizations involved in a response, assigning specific roles. Of particular importance are public-private partnerships, the utilization of volunteers. There are basically only two ways to prepare for responding after a disruption hits: building in redundancy and building in flexibility. Redundancy is the first line of defense in case of a disruption. Safety stock of parts and finished goods, spare capacity and multiple suppliers, extra trained personnel, all provide a cushion to absorb some impact. Redundancy, however, is expensive even though there are various forms of minimizing the impact of extra resources and under- utilization. A better strategy is to develop flexibility. Flexibility has many facets. Consider first, there is the paradox of flexibility: the more standardized many operations and procedures are, the more flexibility they afford. Thus, standard parts, processes, products and procedure, create the ability of their users to be flexible since the users can count on the standards and build on them. Such standardization allows for interchangeability and thus moving resources from where they are to where they are needed in case of a disruption. Just as important, however, is the development of a culture of flexibility. This involves the creation of certain human resources expectations and job definitions as well as cross-training. The most interesting aspect of building flexibility in an organization is that unlike other resilience measures, flexibility helps companies in the competitive positioning. The reason is that markets around the world are changing at a faster and faster pace. A company that builds in the ability to respond to supply disruption (creating supply/demand imbalance) is automatically building in the ability to respond to demand fluctuations, winning market share. The important facet of a culture of flexibility and resilience include the following: Continuous communications. Resilient companies communicate obsessively so when a disruption takes place people know the exact status of the enterprise. Resilient organizations also have redundant communications capacity, knowing that the volume of communications will grow substantially during a disruption. (Examples: Dell; UPS; counter example: Jet Blue during February 2007) Distributed power. Resilient organizations allow every employee, regardless of rank to take decisive action in case of a developing disruption. In the vast majority of the cases, the ability of field personnel to take action quickly can limit the scope of a developing disruption and therefore minimize casualties and damage. (Examples: Toyota's Andon cord; U.S. Navy carrier operations; World [Japanese retailer], U.S. Coast Guard operations during Katrina) Passion for work and the mission. Resilient organizations demonstrate passionate commitment to the success of their organization, causing employees to go ``above and beyond the call of duty.'' (Examples: Schneider Trucking; Southwest Airlines) Deference to expertise. When a disruption is eminent or when it takes place, resilient organizations understand that there is a transfer of deference from rank to expertise (Examples: U.S. Marines, FAA controllers, Chemical plants operators) Conditioning for disruptions. Resilient organizations are those that are disrupted continuously. They simply develop expertise at continuous re-planning and getting back to normal operations quickly. (Examples: UPS; FedEx; Counter examples of introducing uncertainty: Intel) Culture is difficult to define and even more difficult to change. However, there have been spectacular examples of deep culture changes in society and in corporations. These include: Safety. During the first part of the 20th century executives used to believe that safety is too expensive to install in plant leading to thousands of casualties in plant and railroad yards. Federal regulations and society's attitude have changed this perception dramatically. Quality. The quality of U.S. cars used to embarrass U.S. automotive executives who truly believed that quality is too expansive to install in their cars. Toyota proved the fallacy of this argument and changed the industrial landscape forever. Social norms such as smoking as well as drinking and driving have changed dramatically in the United States over the last 20 years. Thus, corporate and society's culture can change, and senior managers in industry, as well as the Government can have significant influence. Chairman Thompson. I now recognize Chief Southers to summarize his statement for 5 minutes. STATEMENT OF ERROLL G. SOUTHERS, ASSISTANT CHIEF, HOMELAND SECURITY AND INTELLIGENCE DIVISION, LOS ANGELES WORLD AIRPORTS POLICE DEPARTMENT Mr. Southers. Good morning, Mr. Chairman and members of the committee. Thank you very much for inviting me to appear before you this morning to discuss the international, interdisciplinary and risk-based counterterrorism strategies and best practices that we have engaged in at the Los Angeles World Airports. We placed a high priority on the opportunity to explore and to experiment with possible solutions. For, as my very dear friend and colleague in Israel, Dr. Boaz Ganor, reminds me, at the end of the day, all disciplines are related to terrorism. However, as my colleagues in London, with whom I spent last week at MI-5 and at the New Scotland Yard, will tell you, resiliency is also the capability to detect as well as to recover from disruptive challenges. This morning, I would like to share with you an innovative framework. Mayor Antonio Villaraigosa has embraced public safety as his No. 1 priority in the city of Los Angeles. During his tenure, crime has fallen to historically low levels. He is a staunch proponent in the area of counterterrorism as well. He has placed police and counterterrorism professionals in charge of security at the Los Angeles International Airport, an economic anchor for southern California. This resulted in a model consisting of a protective design under the new leadership of the paradigm of the Mayor's appointee, Director James T. Butts, Jr., a former 15-year police chief with 34 years of law enforcement experience. LAX is safer today than it was 18 months ago. Under their leadership, we have embarked upon a more contemporary and holistic approach to airport policing. This prototype is capable of intelligence analysis, information-sharing, and it facilitates the seamless integration of critical infrastructure protection. We have embraced the mantra of thinking locally and of acting globally. This year, al Qaeda celebrates its 20th anniversary. A terrorist organization could not exist for two decades without being adaptive, innovative and flexible. The group's capacity to survive is also a direct reflection of both its resilience and the continued resonance of its ideology. However, attackers must conduct surveillance and reconnaissance in order to be successful. It is a proven fact that randomness increases security. A team of researchers at the Homeland Security Center for Risk and Economic Analysis of Terrorism Events, CREATE, led by Dr. Miland Tambe, work with our department to develop ARMOR, Assistant for Randomized Motoring Over Routes. This software randomizes our vehicle checkpoints along airport access roads and the deployment of our explosives detection K-9 teams throughout the airport. Peroxide-based explosives represent a new, major, growing challenge to homeland security. We are involved in an international project, researching the properties, detection technology and risk assessment of peroxide-based explosives. This research leverages the combined talents of world renowned Israeli experts at Technion, where Dr. Sheffi is an alum, the Israel Institute of Technology led by Dr. Ehud Keinan, the USC CREATE risk analysts, and our department in order to assess and improve peroxide explosive detection methodology and to optimize deployment strategies for resilience against these attacks. Last, LAX was selected by DHS to join San Francisco International Airport, SFO, as a pilot site for the chemical, biological, operational technology development, OTD, project. SFO will form the basis for completing a biological response plan, and that plan will be used at LAX. The goal of the LAX chemical OTD restoration project is to develop tools and processes to rapidly restore a critical transportation facility after a chemical agent attack. Upon completion, LAX will be the only airport facility in this country with vetted chemical and biological restoration plans. A few of our efforts which have aligned the international academic and operational counterterrorism community during the last month include briefing our best practices in Canada, Great Britain, Israel, Jordan, Spain, Thailand, and China. We have assessed the terrorism countermeasures in place for the upcoming 2008 Beijing Olympics. We have our command staff attending the Executive Program in Counterterrorism at USC and at the National Counterterrorism Academy. For us, war is finite. For terrorists, war is perpetual. Terrorist organizations are becoming increasingly sophisticated at communications and at security awareness. We should learn from failed as well as from successful attacks because, while our vulnerabilities are unlimited, our resources are not. Sustainability is a critical element of resiliency. Also, our intelligence efforts should work on building capacity from the bottom up, local law enforcement. The progress being made by the Department of Homeland Security at the direction of this committee has been noteworthy. It is an honor and a privilege to be invited to testify and to contribute to the collective national security effort. Mr. Chairman, this concludes my statement. I would be pleased to answer any questions you and the members may have at this time. Chairman Thompson. Thank you for your testimony. [The prepared statement of Mr. Southers follows:] Prepared Statement of Erroll G. Southers May 6, 2008 Chairman Thompson and members of the committee, thank you for inviting me to appear before you this morning to discuss the international, interdisciplinary and risk-based counter-terrorism strategies we are engaged in at the Los Angeles World Airports (LAWA). We have placed a high priority on the opportunity to explore and experiment with possible solutions. As my very dear Israeli colleague and Director of the Institute for Counter-Terrorism in Herzliya Dr. Boaz Ganor, always reminds us, ``At the end of the day, all disciplines are related to terrorism!'' I would also like to extend my personal greetings to members Harman, Lundgrun and Sanchez who represent California and often utilize Los Angeles International Airport (LAX). Your leadership in overseeing the Department of Homeland security efforts has paid significant dividends. You and your colleagues have not been afraid to ask the difficult questions and the sense of urgency this committee has brought to homeland security issues has been a catalyst for productive change within homeland security at the Federal, State and local levels. Resiliency is defined as the capability of a system to maintain its functions and structure in the face of internal and external change. Developing enhanced resiliency is a rational strategy when the probability and specifics of a particular challenge are difficult to define.\1\ A resilient society is one that will not disintegrate in the face of adversity. Protecting property and successfully evacuating populations that are potentially in harm's way lessens the destructive impact of a natural disaster. Making infrastructures resilient renders them less attractive targets for terrorists. Preparing for the worst makes the worst less likely to happen.\2\ We cannot stop every terrorist attack. We can however, reduce the risk and enhance the capability for our continuity of operations. --------------------------------------------------------------------------- \1\ Allenby, Brad and Jonathan Fink. Toward Inherently Secure and Resilient Societies. Science Magazine, August 12, 2005. \2\ Flynn, Stephen. The Edge of Disaster. Random House, New York. (2007) p. 154. --------------------------------------------------------------------------- This morning, I would like to share an innovative framework with you. Mayor Antonio Villaraigosa has embraced public safety as his No. 1 priority in the city of Los Angeles. During his tenure, crime has fallen to historically low levels. He is a staunch proponent in the area of counter terrorism as well. He has placed police and counter terrorism professionals in charge of security at Los Angeles International Airport, an economic anchor for southern California. This resulted in a model consisting of a protective design under the new leadership paradigm of the Mayor's appointee, Director James T. Butts, Jr., a former 15-year police chief and 34-year law enforcement professional. LAX today is safer than it was just 18 months ago. Under their leadership, we have embarked upon a more contemporary and holistic approach to airport policing. This prototype is capable of intelligence analysis, information sharing and facilitates the seamless integration of critical infrastructure protection. He has created an organizational structure and a counter-terrorism element unprecedented in the airport environment. By harnessing our strengths and leveraging our relationships, we have transformed the No. 1 airport terrorist target in the Nation into an operational think-tank, capable of placing theory into practice and creating a dynamic response to the transnational threat of terrorism. We have embraced the mantra of ``thinking locally and acting globally.'' introduction Los Angeles International Airport is the world's busiest origin and destination (O&D) airport, meaning O&D passengers are those beginning or ending their trips in Southern California rather than using the airport for connecting flights. In total traffic, LAX is the fifth busiest airport in the world for passengers and ranks 11th in the world in air cargo tonnage handled. In 2007, the airlines of LAX served 61.9 million passengers and handled 2 million tons of freight and mail. LAX handled 70 percent of the passengers, 75 percent of the air cargo, and 95 percent of the international passengers and cargo traffic in the five-county Southern California region. LAX also creates jobs. An estimated 59,000 jobs, directly attributable to LAX, are located on or near the airport. Approximately 408,000 jobs, spread throughout the region, are attributable to LAX. The employment in the city of Los Angeles due to the airport is estimated to be 158,000 jobs. One in 20 jobs in Southern California is attributed to LAX operations. In fiscal terms, LAX is a dynamic airport which creates, attracts and supports economic activity throughout Southern California. International flights arriving at LAX from overseas make a substantial contribution to the economy of Southern California, adding $82.1 billion in total economic output, plus 363,700 direct and indirect jobs with annual wages of $19.3 billion in Los Angeles, Orange, Riverside, San Bernardino, San Diego and Ventura Counties, according to a 2007 study by the Los Angeles Economic Development Corporation. Unfortunately, this fiscal vitality also bodes well in terms of its attractiveness as a terrorist target. history Terrorism has long been a serious threat to the air transportation system of the United States and other nations. ``Over 5,000 deaths have resulted from terrorist attacks on civil aviation since 1980; about 200 deaths occurred in attacks on airports themselves, as opposed to aircraft.''\3\ Apart from the major changes in the Nation's defense posture, we know that the economic effects of the September 11, 2001 terrorist attacks were relatively short-term in their impact. Thus, in one of the first studies undertaken at the Homeland Security Center for Risk and Economic Analysis of Terrorism Events (CREATE), we considered the short-term economic costs of an attack on the U.S. commercial air system. --------------------------------------------------------------------------- \3\ See the Memorial Institute for the Prevention of Terrorism (MIPT) Knowledge Base, online at http://www.tkb.org. --------------------------------------------------------------------------- We modeled a 7-day shut-down of the entire U.S. commercial air transportation system, followed by a 2-year period of recovery, using the post-September 11 experience of the system as a basis for our analysis. Our overall loss estimates for the 2 years range from $248 to $394 billion.\4\ --------------------------------------------------------------------------- \4\ Gordon, Peter. The Economic Impacts of a Terrorist Attack on the U.S. Commercial Aviation System. Center for Risk and Economic Analysis of Terrorism Events (CREATE) Report No. 05-026. (2005) --------------------------------------------------------------------------- In another study of this catastrophic attack, the results concluded the following losses: First day Wall Street losses: 16 percent Gross amount traded per day: $4 trillion Total loss from stocks = $640 billion American daily income = $20 billion First week loss = $140 billion Total national loss = $780 billion Building & Construction losses = $30 billion Liquidated 170,000 employees from airline companies American studies estimated 70 percent American people suffering from depression Intercontinental Hotel--20,000 job losses One would assume the researchers in this study represented a think tank or major research university. In fact, these figures were the results of an economic analysis articulated by Osama bin Laden, in his October 21, 2001 interview with Taysir Alluni, head of al-Jazeera's bureau in Kabul.\5\ Regardless of the mathematical accuracy of al Qaeda's study, they clearly appreciate the value of an attack beyond the loss of life. --------------------------------------------------------------------------- \5\ Lawrence, Bruce. Messages To The World, The Statements of Osama bin Laden. Verso, London and New York. (2005) pp. 111-112. --------------------------------------------------------------------------- Interestingly, LAX has been described by RAND as ``a leader in implementing new security measures.''\6\ It was one of the first major airports to implement a 100 percent baggage-screening program, a dedicated and high visibility police department, onsite bomb squad, the largest number of explosives detection canine teams at an airport in the world and a dispersed central terminal design. Despite this level of protection, LAX is viewed as an attractive target by some terrorist organizations having been targeted six (6) times--more than any other airport in the world! --------------------------------------------------------------------------- \6\ Stevens, Donald, Thomas Hamilton, Marvin Schaffer, Diana Dunham-Scott, Jamison Jo Medby, Edward W. Chan, John Gibson, Mel Eisman, Richard Mesic, Charles T. Kelley, Jr., Julie Kim, Tom LaTourrette, K. Jack Riley, Implementing Security Improvement Options at Los Angeles International Airport, Santa Monica, California: RAND Corporation, 2006. --------------------------------------------------------------------------- Since 1974, LAX has been the target of two bombings, two attempted bombings, one gun attack and one combination bombing/active shooter attack. In 1974, ``Alphabet Bomber'' Muharem Kurbegovic detonated a bomb in the LAX international terminal, killing three and injuring eight. A bomb exploded in 1980, in the China Airlines luggage processing facility, causing extensive damage but no injuries. In May 1982, three members of the Armenian Secret Army for the Liberation of Armenia were arrested after placing a bomb at the Air Canada cargo office. Ahmed Ressam was caught crossing into the United States in 1999, with bomb-making equipment. His plan, later known as ``The Millennium Plot,'' was to detonate four timed luggage bombs inside and curbside at the Tom Bradley International Terminal (TBIT). My colleague and CNN terrorism analyst Peter Bergen, best known for his interview of Osama bin Laden believes, ``The millennium plotting in Canada in 1999 may have been part of Bin Laden's first serious attempt to implement a terrorist strike in the United States.'' Ressam has told the FBI that he conceived the idea to attack Los Angeles International Airport himself, but that bin Laden lieutenant Abu Zubaydah encouraged him and helped facilitate the operation.\7\ --------------------------------------------------------------------------- \7\ Bergen, Peter L., The Osama bin Laden I Know. Free Press, New York, NY (2006) pp. 289-290. --------------------------------------------------------------------------- On July 4, 2002, Hesham Hadayet approached the El Al counter with two handguns, killing two and injuring six. In 2005, a radicalized al Qaeda based group formed in Folsom Prison, plotted to again attack the El Al ticket counter, in addition to the Israeli Consulate, two National Guard recruiting centers and several synagogues in simultaneous bombings and active shooter operations across Los Angeles. When the suspects were convicted, it was learned they admitted to being 2 weeks away from executing the attacks. LAX remains a very attractive target. I have had the opportunity to visit and review the protective measures with my colleagues at several airports considered to be target-rich including; Ben Gurion in Israel, considered to be one of the world's most secure, Heathrow in Great Britain, the world's busiest airport and which recently opened a state-of-the-art terminal and Beijing International in China, which recently opened the world's largest terminal and will host the 2008 Olympic Games. We all agree on three basic realities--reducing the risk of terrorism and public safety is paramount, emergency response efficiency is critical and the continuity of operations subsequent to a natural or man-enabled event will have severe impact on the global economy. los angeles world airports police organizational response As Congresswoman Harman is uniquely aware, RAND Corporation was commissioned by Los Angeles World Airports to conduct a series of studies on options for protecting the airport from terrorism. RAND identified 11 major scenarios of attacks in the following ascending order: mortar attack, sniper attack, control tower bomb, MANPADS attack, air operations attack, public ground attack, curbside bomb attack, luggage bomb, large truck bomb, uninspected cargo bomb and insider planted bomb. The top 5 scenarios involve explosive devices, vehicle and/or employee access. The subsequent re-organization of our department is in direct response to the study. The Homeland Security and Intelligence Division is comprised of the Critical Infrastructure Protection Unit, Vulnerability Assessment and Analysis Unit, Emergency Services Unit, Dignitary Protection Unit, Canine Unit and the Security Credential Unit. This reorganization facilitates the effective response to the 5 ``major'' terror scenarios by reducing bureaucracy, increasing unit responsibility and ensuring management accountability. For example, the Security Credential Section is responsible for the processing, vetting and management of more than 40,000 LAX badge holders, more than 52,000 for the Los Angeles World Airports, including Palmdale, Ontario and Van Nuys airport which happens to be the busiest general aviation airport in the nation. The new centralization of the badging process also lends itself to easy information sharing and analysis as it relates to our properties. In the midst of a recent event one morning when we thought an individual had boarded an outbound flight posing as an employee, it was the information from the Security Credential Unit that proved most valuable in the suspect elimination process before the diverted flight had even landed. In addition to the RAND study, we are routinely evaluated in a joint assessment by the TSA and FBI to determine our Man Portable Aerial Defense (MANPAD) vulnerabilities. We have also invited our colleagues from Ben Gurion Airport to evaluate our protective measures. Guided by the three studies we maintain a Critical Infrastructure Protection Unit and a Vulnerability Assessment and Analysis Unit, charged with meeting the goals of Homeland Security Presidential Directive-7, the identification, protection and prioritization of critical infrastructure and ensuring TSA Security Directive compliance respectively. These units also work in concert with our local, State and Federal regulatory airport partners monthly, as the Cargo Security Task Force, descending unannounced on cargo facilities to evaluate all personnel, security and safety related compliance issues. terrorist operational planning cycle This year, al Qaeda celebrates its 20th anniversary. A terrorist organization could not survive for 2 decades without being adaptive, innovative and flexible. In fact, every attack in the last 4 years in Europe (except the Van Gogh murder) has had al Qaeda connectivity. Commercial aviation is the most institutionally hardened critical infrastructure since the attacks on September 11, yet it remains the most desirable target. Al Qaeda's global network has endured by its members strictly adhering to the principles of operational security. In addition to the al Qaeda threat, the death of Imad Mughniyah, by a bomb blast on February 12, 2008, has heightened our concerns regarding the threat of attack by Hezbollah. Mughniyah, a senior member of Hezbollah, was associated with the Beirut barracks and United States Embassy bombings in 1983, which killed over 350, as well as the kidnapping of dozens of foreigners in Lebanon in the 1980's. He was indicted in Argentina for his role in the 1992 Israeli Embassy attack in Buenos Aires. In response to this specific threat and the fact that El Al has been targeted 3 times since the new millennium, our Emergency Services Unit (ESU) provides special weapons and tactics security for El Al passengers during ticketing/check-in, escorts their busses to the terminal and remains on the airfield until the aircraft departs. In addition to their already unique skillset, all members of our ESU have completed the DHS Prevention & Response to Suicide Bombing Incidents Training Course. El Al has informed us LAX is the only airport outside of Israel that affords them this level of security. Terrorist groups, particularly al Qaeda, conduct surveillance and reconnaissance to select potential targets to gain strong situational awareness of the target's activities, design, facility vulnerabilities and security operations. Because part of the pre-operational surveillance involves establishing patterns, terrorists will conduct their surveillance multiple times. However, the more they conduct surveillance, the greater the chances of being observed themselves. If they are observed, their entire plan can be compromised by alerting security personnel to the fact that something is being planned. Al Qaeda training manuals, including the infamous ``Military Studies in the Jihad Against the Tyrants,'' and their online training magazines instruct operatives to perform surveillance, and even go so far as to discuss what type of information to gather. In July 2004, the arrest in Pakistan of an individual identified by U.S. officials as Mohammad Naeem Noor Khan revealed a personal computer that contained detailed information about potential economic targets in the United States. The targets included the New York Stock Exchange and Citigroup headquarters in New York, the International Monetary Fund and World Bank buildings in Washington, DC, and Prudential Financial headquarters in Newark, NJ. From the information on the computer, it appeared that the targets were under surveillance for an extended period. In the case of the aforementioned pre-attack planning cycle, there was a high degree of detail and awareness of site vulnerabilities, security operations and law enforcement and emergency response at the time the reports were written. In addition to intelligence obtained from surveillance, each of the surveillance reports exhibited extensive use of open-sources to obtain much of the background information on the target. It should be noted the report provided alternative targets should attacking the primary site prove to be logistically unfeasible. The focus on collecting data on alternate, less protected locations indicates al Qaeda's interest in softer targets. This may be reflective of al Qaeda's evolution from a centrally directed organization into a more decentralized structure possessing greater control over target selection. Surveillance can occur in as little as 1 week, to as long as several years prior to an attack and can be used to support target selection, mid-operation reconnaissance and final, pre-attack reconnaissance. Surveillance is typically conducted in a covert manner and can involve any number of collectors (surveillants) either on foot or in vehicles. Successful counter-surveillance can yield indications of an attack planning phase. The problem is separating ``terrorism'' from ``tourism.'' Herein lies the importance of employing a strategy that facilitates ``looking for the bombers and not the bombs.'' automated license plate recognition technology Actionable intelligence, accompanied by education, awareness and technology are essential resources to be effective in these efforts. A debrief of the attack on the Kohbar Towers bombing, determined the target was surveilled more than 40 times over a 17-month period, by the same three attackers. On at least 10 of those reconnaissance missions, the attackers visited the site in the same vehicle. The fact that more than 50,000 vehicles enter LAX daily, makes vehicle surveillance a simple task, utilizing Automated License Plate Recognition (ALPR) technology. This is a proven method that automatically identifies license plate numbers on stationary or moving vehicles (at speeds of over 140 mph), captures images of the vehicle license plate and instantly checks those numbers against a data base. Every license plate scanned is compared to a list of ``vehicles of interest'' associated with auto theft, felony warrants, Amber Alerts, DOJ & NCIC downloads, parking violations, or any other license plate- oriented databases. Our anticipated acquisition and implementation of this technology will essentially limit the capacity of attackers to use the roadways! The database can be designed to be triggered if the license plate entered the area based on frequency, time of day, day of the week, etc. Inasmuch as repeated trips are necessary for terrorists to obtain the desired situational awareness, this would be a useful countermeasure. Ben Gurion Airport has deployed this system on its main access road, in a toll-booth design, to capture the license plate of every vehicle entering the central terminal area. The system is also in use in Europe in Birmingham, Edinburgh and Glasgow Airports. A recent case suggests that given access to this technology, valuable investigative time could be significantly reduced. A rent-a- car manager at an airport reported activity he found to be suspicious. The manager stated that during an 11-month period, four adult males of Middle Eastern ancestry rented vehicles numerous times and each time the vehicles were returned with excessively high mileage. An example provided revealed a vehicle had been rented for 10 days. The vehicle had been driven 3,848 miles during the rental period, which is considered excessive by rental car standards. Additionally, numerous employees of the rental car agency observed shopping bags containing new wrapped pre-paid cell phones in the vehicle, which were taken by the subjects with the rest of their personal property when they returned the rental vehicle. In this instance, if ALPR were deployed, we would know if the vehicle accessed our airport, the frequency of those ``visits,'' and the exact dates. Accompanied by the other available technology systems, we could organize and analyze vast quantities of structured and seemingly unrelated data, currently housed in various incompatible databases and record management systems, over a highly secure intranet- based platform. Inasmuch as we contact and complete field interview cards, crime reports and obtain information from individuals from all over the world on a daily basis, makes LAX an incredible source of information. create randomization project The Center for Risk and Economic Analysis of Terrorism Events (CREATE) is an interdisciplinary national research center based at the University of Southern California and funded by the Department of Homeland Security. The Center is focused on risk and economic analysis of the U.S. infrastructure and comprises a team of experts from several universities from across the country. It was the first of 13 existing Centers of Excellence in the Nation and the only Center whose grant has been renewed thus far. As previously described, the al-Qaeda planning cycle, depends on the comprehensive situational awareness acquired via pre-attack surveillance and reconnaissance of the intended target. It is most important for the attackers to determine the design and level of physical security, including protective policies, procedures and technology. A team of researchers at CREATE led by Dr. Miland Tambe, working with our department developed software that would offer assistance regarding the deployment of critical terrorism countermeasures. Dr. Tambe's expertise is in the area of Security in Multiagent Systems by Policy Randomization. It is a proven fact randomness increases security. Randomization methodology was theoretically proposed by CREATE to assist in the deployment strategy of unmanned aerial vehicle (UAV) flights over Afghanistan. The goal of our project was to leverage CREATE's success by randomizing vehicle checkpoints being deployed along airport access roads. The program, based on Bayesian Stackelberg game theory, was developed to allow for the input of certain constraints regarding the checkpoint, the avoidance of certain days for deployment and the necessity for the checkpoint to be in effect during specific times during the day. Based on these constraints, the program provided a randomized schedule, in conjunction with a mathematical measure of randomness. Additional features are added to the program to facilitate the input of the constraints and create a report at the end of a checkpoint in operation. Such scheduling is based on several requirements: (a) Scheduling must be randomized to avoid predictability; (b) Scheduling must take into account constraints of officers at LAX; (c) Scheduling must take into account passenger load data; (d) Scheduling must also take into account other possible resource constraints, dynamic shifts and so on. The USC CREATE team attacked this scheduling problem in a multi- phased approach. The first phase focused on scheduling checkpoints, and in particular using the first two criteria mentioned above. The next step in the project incorporated the explosives detection canine team deployment into the program development. Inasmuch as LAWA maintains 32 explosives detection canine teams, this asset renders LAX the perfect environment for this research. Upon completion, we anticipate leveraging the program for the purpose of randomizing the deployment of patrol, bicycle officers and other Airport Police resources. After several months of operation and in accordance with the National Infrastructure Protection Plan Risk Management Framework, we decided to develop an evaluation feedback loop consisting of graduate students, who unbeknownst to them, were challenged with testing the resiliency of the system. They played a game called ``Pirates and Treasures.'' The students were instructed to identify ways to breach the security of the system and were rewarded with points during the course of the game. These results were analyzed and provided the basis for a revision of the game theory algorithm inherent in ARMOR software. The results of this premier engagement in ``Translational Research,'' that is research which translates directly from the laboratory to the field and the practitioner, could not have been anticipated. We have received inquiries from a host of Federal agencies and countries as far away as India. We briefed the Transportation Security Administration last year in anticipation of the program being utilized to randomize the deployment of Federal Air Marshals on flights. Praveen Pachuri, the doctoral student who developed the algorithm, is being actively sought by a host of defense contractors as a result of the programs' success. peroxide-based explosives research project Peroxide based explosives, including TATP (triacetonetriperoxide), DADP (diacetonediperoxide) and HMTD (hexamethylenetriperoxide-diamine), represent a major, growing challenge to homeland security. The threat has been recently highlighted by a number of terrorist events worldwide, such as the 2005 attack on the London public transportation system, the intercepted 2006 terrorist plot to target airliners en route from London to the United States, and many car and suicide bombings in the Middle East. The Los Angeles World Airports Police Department is involved in an international project researching the ``properties, detection technology and risk assessment'' of peroxide-based explosives. The research leverages the combined talents of world-renowned Israeli explosives experts at Technion--Israel Institute of Technology, led by Dr. Ehud Keinan, USC CREATE risk analysts, led by Drs. Isaac Maya and Onur Bakir, and Los Angeles World Airports Police Department personnel in order to assess and improve peroxide explosive detection methodologies and optimize deployment strategies for those technologies. The United States has already experienced its first suicide bomber. In 2005, Joel Hinrichs, III, an Engineering graduate student at the University of Oklahoma, blew himself up outside of the school's Memorial Stadium. He was denied entry because he would not allow security personnel to examine the contents of his backpack which contained a TATP improvised explosive device, before entering the stadium with 84,000 people in attendance. Doubt was cast subsequent to this incident with regards to Mr. Hinrichs' intent or social network. Investigation reveals he constructed the bomb via an Internet recipe after he unsuccessfully attempted to purchase ammonium nitrate. Going to the football game should certainly demonstrate his intent, the fact that he attended a Mosque in Norman, Oklahoma visited by Zacarias Moussaoui, and September 11 hijackers, Marwan Al-Shehhi and Mohammed Atta, would suggest indirect, if not direct connectivity to an environment with some very dangerous people. Altogether, TATP, HMTD and other peroxide-based explosives pose a multifaceted, intricate challenge to public security. As their density (0.5 g/mL) is similar to that of most common organic solids, such as white sugar, it is not possible to detect them by the CTX machines that are currently deployed in airports for the detection of conventional explosives. Although the most urgent need is the development of detection and identification methods, there are many other aspects of the problem that should be pursued. These include fast and reliable onsite neutralization of captured materials, comprehensive study of their chemistry and properties, including post-blast analysis and identification of the type, quality, manufacturing methods, as well as the origin of captured improvised explosive devices. The goals of the research project are articulated as follows: (a) Preparing a broad variety of plastic TATP explosives in order to develop recommendations regarding their detection, characterization and safe handling. (b) Identify and characterize the various polymorphic crystals of TATP and develop reliable detection methodology utilizing XRD technology. (c) Using formal risk assessment methodologies to analyze the comparative costs and benefits of deploying peroxide-based explosive detection technologies at the Los Angeles International Airport and therefore, possibly other major transportation infrastructures engaged in passenger screening operations. chemical operational technology development restoration project LAX was selected by DHS to join San Francisco International Airport (SFO) as a pilot site for the Chemical/Biological Operational Technology Development (OTD) Project. SFO has been the primary partner airport for developing plans for Biological Incidents. Once that plan is developed it will be the basis for the completion of a Biological Restoration Plan for LAX. The goal of the LAX Chemical OTD Restoration Project is to develop tools and processes to rapidly restore a critical transportation facility after a chemical warfare agent attack. Upon completion, LAX will be the only airport facility with vetted chemical and biological restoration plans. airport police strategies and initiatives The Los Angeles World Airports Police initiatives have aligned the international academic and operational counter-terrorism community. We are part of a global network capable of identifying and disrupting the ability of attackers' efforts to recruit, fund, plan, surveil or execute terror operations. Our efforts to date include: During this past year, our officers have studied and/or delivered counter-terrorism briefs in Canada, Great Britain, Israel, Jordan, Spain, Thailand, and China. Airport Police hosts a bi-weekly Community Awareness Meeting with area business owners, community groups and residents for the purpose of sharing information related to crime activity, law enforcement projects and other relevant airport information available to us from our partners across the Nation. Airport Police detectives are assigned to the Joint Terrorism Task Force and the Joint Regional Intelligence Center. Our Canine Unit Officer-in-Charge was appointed the International Liaison for the Detector Dogs World Congress regarding all explosives detection canine matters. We accepted an invitation to travel to Beijing, Shanghai and Qingdao for the purpose of assessing the terrorism countermeasures in place for the XXIX Olympiad. Officers are enrolled in the Executive Program in Counter- Terrorism at USC and the Manhattan Institute National Counter- Terrorism Academy. During terminal evacuations related to the detection of ``possible improvised explosive devices'' (IEDs) identified at screening stations, announcements to passengers articulate the reason for the evacuation, efforts are made to provide a comfortable environment, with seating and water if possible and seniors and parents with children are given priority for re- entry into the terminal after the incident is resolved. Airport police work in concert with the bomb squad and TSA on every terminal IED-related evacuation to minimize the impact to vehicular traffic in the central terminal area and expedite the repopulation of the screening stations. All of these events are timed and de-briefed. During my tenure as Deputy Director in the Governor's Office of Homeland Security, the resiliency of the Port of Los Angeles-Long Beach and LAX were regular topics of discussion. In response to the 9/11 Commissions overall critique of our inadequate intelligence sharing capabilities; the ports created the Area Maritime Security Committee (AMSC). The AMSC consists of local, State and Federal intelligence professionals and first responders for the purpose of identifying vulnerabilities, determining possible risk-reduction strategies and engaging in training and exercises during scenarios to protect the maritime environment. As a result of the success of the AMSC, we transplanted the group to LAX in an effort to mirror the strategy with most of the same entities charged with responding to the threat at the ports. Director Butts co-chairs the Airport Security Advisory Committee, which has benefited from existing professional relationships, thus creating an institutional knowledge with expertise and experience focused on the protection of two extremely vital sites, other critical infrastructure in the region and the global importance incumbent upon their resiliency. lawa security technology initiative In 2006, we initiated a comprehensive analysis of the three separate airport infrastructure vulnerability studies--RAND, TSA-FBI MANPADS Mitigation Report and the Ben Gurion Assessment. These evaluations not only examined security gaps, they recommended the most efficient and cost-effective solutions to enhancing security measures within the Los Angeles World Airport system. To that end the Security Technology Initiative is the technology infrastructure backbone that would integrate our current and long-term counter-terrorism efforts. We have hardened our security infrastructure and seek to improve our situational awareness through the implementation of advanced technology such as ALPR, smart video analytics, and perimeter intrusion detection systems. closing For us, war is finite, for the terrorist war is perpetual. Osama bin Laden has identified a timeline of 1,400 years to accomplish his mission. In the meantime, terrorist organizations are becoming increasingly sophisticated in communications and security awareness. As an example, terrorists are leveraging terror trials and court testimony as an additional opportunity to identify our counter-terrorism investigative methodologies. Our intelligence efforts should work on building capacity from the bottom up--local law enforcement. Our success in deterring terrorist attacks rests with our ability to make the environment more difficult for attackers to operate. Timothy McVeigh, Eric Rudolph and the JIS group spawned in Folsom Prison were arrested as a result of good police work. Commercial aviation is the most institutionally hardened critical infrastructure since 9/11. Yet, last summer it was targeted again. We should learn from failed, as well as successful attacks because, while our vulnerabilities are unlimited, our resources are not. Sustainability is a critical element of resiliency. The need for the continuing support for the collaborative efforts of the Department of Homeland Security's Science and Technology Directorate and its Centers of Excellence is critical. We must facilitate the link between the laboratory and the operational world. Our best-practices clearly illustrate the potential when these relationships are realized. The progress being made by the Department of Homeland Security at the direction of this committee has been noteworthy. It is an honor and a privilege to be invited to testify and to contribute to the collective national security effort. Chairman Thompson. I now recognize Dr. Bailey to summarize her statement for 5 minutes. STATEMENT OF SUSAN R. BAILEY, PH.D., VICE PRESIDENT, GLOBAL NETWORK OPERATIONS PLANNING, AT&T INC. Ms. Bailey. Thank you, Mr. Chairman, Ranking Member King and members of the committee. My name is Dr. Susan Bailey, and I am AT&T's Vice President for Global Network Operations Planning. In that role, I am responsible for designing AT&T's unified network operations model, which includes our network's business continuity and disaster recovery. In addition, I have direct operational experience in addressing some of the worst national disasters in recent years. As the Nation's largest communications company and as a major global carrier, AT&T is a critical link in keeping our society connected, especially during disasters. We recognize that within our footprint we provide lifeline and emergency communications services for the communities and people in our footprint. In addition, we also recognize that on our infrastructure, key government agencies and all of the major critical infrastructures in our economy provide or use our infrastructure for carrying their mission-critical applications and communications services, so we recognize firsthand that people's lives and safety, as well as the very function of our government and of our economy, depend on AT&T's ability to maintain our network infrastructure and on the services we provide. We take this responsibility very seriously, and we approach disaster preparedness as a fundamental operational requirement that we architect into the core of our network and in how we approach our operations. Now, AT&T focuses our business continuity approach on functional resiliency as distinguished from asset protection. We certainly do take action to protect our assets, but the notion of functional resiliency is that our mission-critical functions can carry forward and can be sustained despite the loss of individual assets. So we design our network, our work centers and the operational processes within them, as well as our support systems and our information technology, with backup plans and with alternate arrangements so that we can sustain those mission-critical applications and operations despite the loss of individual assets. Now, since it is very seasonal that the 2008 hurricane season is fast approaching, right around the corner, I thought I would say a few words about some of the things that AT&T is doing to prepare for the upcoming hurricane season. Now, since the hurricane season tends to impact the Southeast United States more significantly than other parts of the country, we have actually looked at our traffic volumes. Based on predictions of increased volumes on our wireless network, we have taken action to expand our capacity to be prepared for, you know, the increased load that we would project in a disaster scenario. In addition, hurricanes are largely power events for us where, you know, we lose commercial power and need to sustain our network despite the loss of commercial power. So we put a lot of energy up front into validating the readiness of our power and infrastructure with respect to having extended-life batteries, in topping off our fuel tanks, in testing our generators, and in deploying more generators both on a permanent basis as well as mobile generators that we can move around to our locations as we need to. In some cases, we have actually installed permanent generators that run on natural gas, which frees us up from the need of having to refuel those generators. Now, we maintain a large fleet of mobile disaster recovery trailers, that are basically central offices on wheels, along with emergency communication vehicles, mobile command centers, HAZMAT equipment, decontamination trailers. We look at the profile of where we have got that equipment as it is located in warehouses around the country and around the world, and we will actually preplan and will dispatch additional equipment toward the Southeast so it is ready to be deployed on short notice. Now, in the area of cybersecurity, AT&T has unique capabilities on both the prediction and the prevention, as well as on the mitigation and response. On the predictive side, we have the ability to pattern and to profile our network traffic on our Internet backbone, based on time of day, day of week and types of traffic from point to point. When we know what ``normal'' looks like, we have the ability to take abnormalities such as hackers who are testing out their malicious code or who are probing the network, looking for vulnerabilities; and we use that ability to detect abnormalities, to give us that advanced alert, so that we can take action in advance to protect our network before the actual launch of a cyber attack. Now, on the mitigation and response side, we offer our customers a distributed denial of service remediation. A distributed denial of service attack is basically lots of traffic headed toward a particular machine or a particular Internet IP address that consumes that machine with having to respond to lots of brief inquiries. We have the ability from the core of our network to redirect traffic toward scrubbers that are imbedded within our network, and those scrubbers can then, based on the signature of the malicious attack traffic, filter out the bad traffic and then reinsert the good traffic back toward its ultimate destination. Thank you very much, and I am looking forward to entertaining questions. Chairman Thompson. Thank you for your testimony. [The prepared statement of Ms. Bailey follows:] Prepared Statement of Susan R. Bailey May 6, 2008 My name is Dr. Susan R. Bailey. I am AT&T's Vice President, Global Network Operations Planning, located in Bedminster, New Jersey. I appreciate the opportunity to share ideas with Members of Congress and other industry participants to enhance America's homeland security capabilities. I have over 20 years of experience in developing, deploying and operating advanced communications technologies and support systems, and have held numerous positions in planning, network operations, and product research and development. In my current role, I develop the network operations model spanning all services and technologies for the entire company, including global and long distance services, regional access, wireless mobility, and video applications. I am, therefore, intimately familiar with AT&T's principles and methods for building and maintaining a robust communications infrastructure. As the Nation's largest communications company, AT&T is a critical link in keeping our society connected--especially during disasters. Among other things, we provide lifeline and emergency communications to millions of consumers and businesses; mission-critical support for government agencies and institutions; and robust communications networks and support for the full range of business enterprises, including in the healthcare, electric power and banking sectors. We know that, in many ways, peoples' lives and safety, as well as the function of our government and economy, depend on the services we provide. For these reasons, ensuring that our component of the Nation's infrastructure is sound and resilient is one of our top priorities. The following outlines AT&T's approach to protecting its network and responding to disasters, and includes some examples of that approach in action. at&t's network reach AT&T operates one of the most extensive communications networks on the planet. We have deployed and maintain more than 500,000 miles of fiber in the United States, under the oceans, and around the world. Every day our network carries more than 16 petabytes of data--the equivalent of moving the entire written contents of the Library of Congress every 35 seconds. In the United States, we are the leading provider of broadband Internet access services; the leading wireless provider--able to offer 3G wireless broadband in 265 major metropolitan areas; and the leading provider of telephone service in rural areas. We have equipment deployed to serve 143 countries. All told, over 1 billion devices are connected to AT&T's network, and we make data services available to 97% of the world economy. The breadth of AT&T's network allows us to provide unmatched quality across an unmatched range of services, but it also necessarily means that our capabilities are subject to a wide range of threats. These threats include power outages, hurricanes, typhoons, earthquakes, terrorist attacks, and even an otherwise innocuous fiber-seeking backhoe that accidentally strikes an underground cable. Moreover, we see indications of nearly 39 million potential cyber-attacks every month; while these do not result in physical damage, they can wreak havoc on the logic of a network that is not adequately defended. And, of course, health pandemics, transit disruptions, or work stoppages can affect our workforce, which in turn can directly impact our networks. We worry about and plan for all these incidents--and more. at&t's approach to business continuity and network resiliency AT&T is in the business of connecting people anywhere and any time. In order to connect people, continuity of operations is critical. The hallmark of our business continuity program is a common, structured approach to infrastructure design, management, and execution. Our enterprise business continuity paradigm focuses on protecting three types of assets: (1) The network itself, i.e., the computers, switches, routers and fibers that carry our customers' data. (2) Work centers and the people who work in them, in particular those that perform mission-critical help-desk and network operations functions. We plan for the safe evacuation of our people through emergency communications and evacuation plans. And we plan for the recovery of mission-critical work functions, such as customer help desk and network operations, in alternate locations or arrangements. (3) Network management tools, such as network and customer databases, ticketing systems, provisioning and alarm management systems, and business process automation platforms. More specifically, AT&T focuses on service or functional resiliency. At its core, this means the continued operation of a function despite the loss of certain assets and controlling the impact once a threat arises. This compares to a strategy that unduly emphasizes the elimination of all possible threats. We cannot prevent a tornado or earthquake--or a terrorist attack--from destroying one of our buildings. But we can protect the functions performed in that location, such as by maintaining an alternate site geographically distanced from the primary site. To be clear, we certainly do our fair share of asset protection, such as securing the physical environment along our fiber routes or employing building security. But no amount of protection can possibly guarantee that any asset can completely be protected. at&t's philosophy in action Consistent with our general philosophy, we leverage technology to protect functions and the services despite failure and disasters. For example, the telecommunications infrastructure depends heavily on commercial power. We therefore build resiliency into our major offices by connecting them to two different and diverse electrical substations. In addition, we equip them with battery backup and auto-start generators for continuous operation in the absence of commercial power. This fundamental design has sustained us through even widespread power outages, such as the widespread power outage of 2003.\1\ --------------------------------------------------------------------------- \1\ In order to provide continuous service in the face of a power outage, AT&T and other service providers require access to the impacted area to refuel generators and perform other tasks. Especially in connection with disaster situations, providers often need the help of the government to gain access to areas and obtain needed fuel and supplies. It would be worthwhile, therefore, to develop methods and systems, which should include necessary pre-approvals or certifications, to ensure that gaining access to critical infrastructure is a priority in any disaster scenario. --------------------------------------------------------------------------- In addition to diversity of power, we employ diversity of fiber and other equipment. For example, most of our fiber routes have a physically diverse, geographically separated alternate route. This physical fiber diversity extends all the way to building entrances. In addition, the fiber connections to our major central offices have two separate entrances at different places within the building. Likewise, customer applications or data storage solutions can be hosted in any of AT&T's 38 worldwide internet data centers, with backup and failover capacity to provide uninterrupted capability even in the face of the loss of an entire data center. Servers and databases for a given application can be deployed, for instance, in a data center on the west coast and another on the east coast, perhaps configured to share the load between them under normal operating conditions. If, for whatever reason, one of the centers fails, the other could pick up the load and continue with uninterrupted service. One of our most powerful assets to handle disasters of almost any kind is our fleet of more than 500 trailers equipped with all the gear we need to run our network--routers, switches, multiplexers and the like; these are mobile central offices. AT&T has been building and expanding this fleet for more than 15 years and so far has invested over $500 million in these disaster recovery assets. On a normal day, the trailers are stored in warehouses around the world. But they are not just collecting dust: they are right now connected to our network, monitored and managed, upgraded and repaired, just like any other element of our network. If we need any of the equipment, we can literally unplug a trailer, hook it up to a truck, and drive it to wherever we need it. And, we have software support that enables us to download all of the configurations that we use throughout our system almost instantly, which reduces the actual turn-up time at a site down to our objective of 72 hours. We test our disaster response capability four times per year so that we are ready to respond. In fact, at the same time as this hearing, AT&T will be conducting a simulated disaster scenario in Chicago. Perhaps the most storied use of our mobile network facilities was in connection with the horrific events of 9/11. Because our mobile equipment is capable of operating in the stead of even the largest of our major central offices, we were able to use them to recover our transport hub that was in the 6th sub-basement of the World Trade Center South Tower, which was totally destroyed, as well as support three switches in nearby buildings that were heavily damaged. We dispatched trailers to New York, and by noon that day they were setting up in a parking lot across the river in Jersey City. Within 48 hours, these trailers were completely installed, configured, and ready to accept traffic. Another dimension of the 9/11 disaster was the unprecedented traffic volume, all concentrated in and out of lower Manhattan, precisely where we had lost a major portion of our network capacity due to damage. Four hundred thirty-one million call attempts were made on our network on 9/11, which far outpaced our previous record day of 330 million call attempts. Through our Global Network Operations Center, we rerouted all traffic not directly destined for lower Manhattan, and prioritized traffic to maximize our ability to deliver outbound calls from lower Manhattan. As a result, AT&T successfully delivered 96% of Government Emergency Telecommunications Service (GETS) calls on 9/11. Much of our effectiveness in disaster response and recovery results from our emphasis on training and practice. We run exercises of our work-center, network, and systems disaster recovery plans multiple times a year to ensure that we maintain a state of readiness. We learn from each one, and we keep our staff fresh on exactly what they need to do. This enables us to implement our plan quickly and efficiently when an unexpected event hits. a note on cyber-security We treat cyber security as an integral part of our network operations model, and have invested significant resources to become the industry leader in securing our network and our customers from the full gamut of cyber threats. The diversity of our network and the services we provide has given us deep insight into the most effective means to combat cyber-crime and other threats. The raw quantity of data traversing our network allows us to identify and discern traffic patterns across a 24-hour day and a 7-day week. This gives us a unique ability to detect abnormalities that can suggest cyber crimes in the making. We have learned that worms and viruses rarely hit without any preceding indicators. We see the hackers testing and probing, looking for openings and vulnerabilities, and sometimes even rolling out their code on a limited basis to see how it works, days and weeks in advance of the full scale launch. Now that we understand these anomalies and how they can serve as important leading indicators, we use this information (and take advantage of the lead time it provides us) to take the action on our network and with our customers to load the filters and patches necessary to combat the hack or virus. In this regard, AT&T is pleased to offer our new network-based security services, which help our customers migrate away from a totally perimeter-based approach. Because placing security intelligence at the edge of the network or into individual applications is costly to scale and difficult to manage, a network-based approach is often superior, as it is more nimble and efficiently distributed. One example is our offering to protect customers from Distributed Denial of Service (DDOS) attacks. A DDOS attack involves large numbers of ``attackers'' (mostly infected PCs whose owners do not realize anything is wrong), sending large quantities of data, all destined for the ``victim'' machine, ultimately overwhelming it. For customers who purchase our DDOS protection capability, we can, from inside the backbone of our network, detect emerging DDOS attacks, redirect attack traffic to scrubbers inside our network that separate the good from the bad traffic, and in turn redirect the good traffic back to a customer's IP address so that the customer can sustain operation without even feeling the effects of an ongoing attack. I trust that the foregoing aids in your consideration of proper homeland security methods. AT&T looks forward to an ongoing discussion of these issues with the committee. Chairman Thompson. I now recognize Ms. Arnold to summarize her statement for 5 minutes. STATEMENT OF MARY ARNOLD, VICE PRESIDENT--GOVERNMENT RELATIONS, SAP AMERICA Ms. Arnold. Thank you, Mr. Chairman, Ranking Member King and members of the committee. I am pleased to address the need to broaden U.S. homeland security policy to include resilience, which in simplest terms is the ability to resume activities after an attack or after a disaster like 9/11 or after a hurricane like Katrina. At this time, I have a longer version of my testimony which I would like to submit for the record. My name is Mary Arnold, and I am Vice President of Government Relations for SAP. SAP is the world's leading provider of business software solutions for government and for private enterprise. We have more than 14,500 supply chain management customers in all market sectors. Because business continuity and supply chain management are critical to our customers, we understand the need for information technology that provides resiliency and redundancy. Today, much of the global supply chain's critical components are in private hands. Certainly, U.S. industry needs to take a proactive role in developing, in deploying and in exercising plans that will ensure that a disruption in the supply chain will not result in a crippling blow to their respective businesses. Government is also a critical player. Although we cannot predict or prevent every potential disaster, we can identify our vulnerabilities in a variety of scenarios and can take steps to reduce them with the right information technology, redundancy solutions and a highly developed continuity of operations plans. Last month, I led a panel in New York with other corporate executives on how to build a resilient nation by enhancing security and in ensuring a strong economy. There were three very important lessons learned. First, there are no one-size-fits-all solutions. Supply chains link thousands of companies in hundreds of industries and in dozens of countries. Supply chains must work seamlessly across all of these boards. While there are core elements to all supply chains, what works for one company may not work for another. Critical components for success include flexibility, adaptivity and resilient solutions. Our public policy should encourage government and private industry to collaborate to achieve solutions that work globally. Second, we need to take an enterprise approach to resiliency through what we might call a ``resiliency chain.'' For example, during Hurricanes Katrina and Rita, a global chemical manufacturer required real-time information regarding goods and materials on ships scheduled to dock in Houston and in New Orleans. A primary concern was the risk to the environment should shipments become lost at sea. Because of the adaptive business network and their ability to monitor the supply chain from end to end in real time, the company was able to determine which ships were still in port, which were in transit and which had already reached Houston and New Orleans. Within 24 hours of Katrina's hitting the gulf coast, the company received the complete listing of container shipments that had arrived prior to the hurricane. Because the software was able to show when a container leaves a port, when it reaches its destination and when it clears Customs, this chemical company was able to determine the location of their ships in harm's way and reroute them accordingly. The third lesson: We need to consider how to incorporate our global trading partners into our resiliency chain planning. There are critical assets necessary for recovery located outside of the United States. These, too, could be vulnerable to natural or manmade disasters. Global collaboration will be necessary to ensure our ability to recover and to move forward. The government's role in resiliency chain planning is to balance the interest of stakeholders, to set broad objectives and strategies and to provide oversight. The private sector can provide the means and the execution. By working together and leveraging the strengths of each, we can accomplish a great deal to improve our national resilience. The private sector can be a great partner to the government in developing solutions to capitalize on existing resiliency chains. Using commercial, off-the-shelf technology products, the industry provides solutions which also reduce time, cost and complexity. Technology solutions to support resiliency chains, we believe, should have the following characteristics: The solutions must take in vast amounts of detailed data, analyze it and return valuable information to the user. These solutions also must integrate information across many large, interconnected enterprises. They must be based on global standards and must reflect an open architecture that can take in data from legacy systems as well as the latest technology solutions. Finally, such solutions must be technologically agnostic. They must work with one another, open standard technologies, and not be based on one mode of communication such as a hard- wired telephone grid which may fail in a disaster. In conclusion, securing our homeland requires the ability to respond to and recover quickly from a catastrophic event. Strengthening the resilience of the Nation must be a critical component of our homeland security policy. In order to ensure resiliency and recovery, we must develop public-private partnerships that utilize the resources of both sectors and that play to their strengths. We must develop and deploy new technologies that will ensure that we build greater redundancy in our key infrastructure and distribution systems. Most importantly, we must put our efforts toward building public-private partnerships which provide the knowledge and tools to confront any challenge that we may face. I commend you, Mr. Chairman, and all members of this committee for seeking ways to improve the national ability to recover quickly from a catastrophic event. We at SAP believe that resiliency must be at the center of U.S. homeland security planning, and we stand ready to participate in any and all efforts to achieve this important goal. I would be pleased to answer any questions. Chairman Thompson. Thank you very much. [The prepared statement of Ms. Arnold follows:] Prepared Statement of Mary Arnold May 6, 2008 introduction Thank you, Mr. Chairman, Congressman King, and members of the committee. I am pleased to be here today to speak about the need to broaden U.S. homeland security policy to include homeland resilience-- the ability to resume activities after an attack or disaster like 9/11 or Hurricane Katrina. Today, much of the global supply chain's critical components are in private hands. Certainly, U.S. industry needs to take a proactive role in developing, deploying, and exercising plans that will ensure that a disruption in the supply chain will not result in a crippling blow to their respective businesses. But, government is a critical partner in that process, and for that reason, I want to commend, and thank, the committee for recognizing the importance of this issue and dedicating the month of May to discussing homeland resilience as a core component of U.S. homeland security policy. My name is Mary Arnold, and I am Vice President of Government Relations for SAP. SAP is the world's leading provider of business software solutions for government and private enterprise, and the third largest software manufacturer in the world. Because business continuity and supply chain management are critical to our customers, we understand the need for information technology that provides resiliency and redundancy. That is why SAP is the supply chain solution used by a diverse range of private and public sector customers, including over 75 percent of the Forbes ``Global 500'' companies, and public sector entities including Clark County, NV, the North Carolina Department of Transportation, the New York Port Authority and the Defense Logistics Agency, to provide them tailored resilient solutions that are flexible, adaptive and responsive. Our understanding is reflected in our over 35- year company heritage of listening to and working with our customers and experts in industries which reflect the entire spectrum of the global economy and public service entities. Although we cannot predict or prevent every potential disaster, we can identify our vulnerabilities in a variety of scenarios and take steps to reduce them with the right information technology, redundancy solutions, and highly developed continuity-of-operations plans. Last month, I attended and led a panel at a forum in New York along with 100 other corporate executives entitled: ``Building a Resilient Nation: Enhancing Security, Ensuring a Strong Economy.'' In the discussions that took place there, it was clear that achieving resiliency will require a broad-based and comprehensive solution. Today, however, I am going to focus my comments on the role of information technology. perspective from sap First, to state an obvious but crucial fact, there are no one-size- fits-all solutions. Supply chains link thousands of companies in hundreds of industries and dozens of countries. Supply chain solutions must work seamlessly across all of these borders. There are core elements, such as storage and distribution points, transportation modes, and a supplier-customer relationship endemic to all supply chains. But, there is also diversity in the U.S. and global economy such that what works for one company or industry's supply chain may not reflect the requirements of another. Thus, within every industry, we have seen the need for flexible, adaptive, and resilient solutions. We must ensure that our public policies reflect this diversity and we, as government and the private sector, must work together to ensure that solutions represent the variety of industries, cultures and companies that exist, not only in the United States, but throughout the world. Second, we need to take an ``enterprise'' approach to resiliency, or what we might call a ``resiliency chain'' approach. By ``enterprise'' I mean a holistic, all-encompassing perspective. For example, in the energy industry, our vision must go beyond rapid recovery for a single drilling rig, refinery, or pipeline. We need to look at the ENTIRE enterprise from the platform all the way to the gas pump. Similarly, in the defense industry, we speak of ``factory to foxhole/flight line/frontline to factory'' supply chains. That is, a perspective that reflects consideration of all the events, infrastructure, and players within that supply, or resiliency, chain. A resiliency chain also needs to have real-time intelligence on alternatives to pieces of the existing value chain, with the existing ``value chain'' reflecting all the steps and players in which a product is designed, manufactured, marketed, and distributed to customers. For example, if pharmaceutical company ``A'' is the sole source of a key vaccine, what other pharmaceutical companies have similar manufacturing capabilities, and how could they be rapidly re-purposed in the event of an emergency? Redundancy is one of the core elements of the resiliency chain. For example, if crucial raw materials normally move by rail, what are the backup plans if our railroads become disabled? If telephone lines go down, what are the backup means of communicating? Third, we need to consider how to incorporate our global trading partners into our resiliency chain planning. These partners, too, could be the primary sources of critical inputs, such as energy products; and they, too, could be crippled by natural or man-made disasters. Again, a broad enterprise perspective and global collaboration will be necessary to ensure our ability to rebound and move on. public private partnership What is the best role for government in resiliency chain planning? The government's role in this context is to be the champion and facilitator of the resiliency chain, balancing the interests of stakeholders, setting broad objectives and strategies, and providing oversight. The private sector can provide the means and the execution. By working together and leveraging the strengths of each, the public and private sectors can accomplish a great deal to improve our national resilience. Stephen Flynn at the Council on Foreign Relations wrote a fascinating article in the March/April 2008 issue of ``Foreign Affairs'' in which he stated that sustaining the United States' global leadership and economic competitiveness relied, ultimately, on bolstering the resilience of its society. He went on to describe a need for a sustained commitment to four key factors in order to achieve this level of resilience, which I would like to elaborate on for you today. First, there is robustness or the ability to keep operating or to stay standing the face of danger. In a public/private partnership, we can work together and make the investment to ensure that our infrastructures, both physically, as well as operationally, are in place to deal with the challenges ahead. Secondly, we need to focus on resourcefulness, which involves skillfully managing a disaster once it unfolds. For example, Switzerland has developed and fielded a solution which links its country's hospitals, police, fire brigades, executive staff, and the armed forces in its 26 cantons (administrative regions). Active since 2004, the solution underwent its first (and successful) live test in support of the World Economic Forum in 2005. The third element of resilience is rapid recovery, which is the capacity to get things back to normal as quickly as possible after a disaster. Small towns and large cities across the United States are training their citizens to be auxiliary first responders. This is a perfect opportunity for the public and private sectors to commit resources and collaborate. Finally, resilience means having the ability to absorb new lessons that can be drawn from a catastrophe. As we have seen in the wake of the September 11 attacks, we have created systems to bolster our critical transportation hubs and homeland security. The private sector is in a prime position to provide resources and play a role in implementing lessons learned. identifying solutions The private sector can be a great partner and asset to the government in developing solutions to bolster existing resiliency chains. Utilizing already developed, ``commercial, off-the-shelf'' technology products, that is, products with significant amounts of commercially available IT functionality already built in to them, thus reducing implementation time, cost, and complexity, we can create solutions that meet the needs and address the diversity of today's public and private sectors. When you look at IT solutions to support resiliency chains, however, keep in mind that you need solutions with the following characteristics: The solutions must take in, manage, analyze, and ``push'' back information to the user based on vast amounts of detailed data; These solutions also must integrate information across many large, interconnected enterprises, to become literally a global enterprise; These solutions must be based on global standards and reflect an open architecture which can take in data from legacy systems, as well as the latest technology solutions. Finally, such solutions must be ``technologically agnostic.'' In other words, they must work with other, open source technologies, such as all types of databases, and cannot be based on one mode of communication, such as a ``hard-wired'' telephone grid, because that mode of communication may fail in a disaster. conclusion Thank you, Mr. Chairman and members of the committee. Securing our homeland requires the ability to respond to, and recover quickly from, a catastrophic event, whether natural or man-made. Thus, strengthening the resilience of the Nation must be a critical component of our Homeland Security policy. The U.S. and global economies depend on a just-in-time supply chain that is susceptible to serious disruption that can cripple economic activity. Yet today, the private sector also incorporates resiliency planning, such as keeping track of alternative supply sources and back- up transportation modes, to minimize any disruption to their supply chains. In order to ensure resiliency and recovery, we must develop public- private partnerships that utilize the resources of both sectors and play to their strengths. We must develop and utilize new technologies that will ensure that we build greater redundancy in our key infrastructure and distribution systems to establish the foundation from which to recover after disaster strikes. Most importantly, we must put our faith in a public and private partnership which, working together, has the knowledge and tools to confront any challenge that we may face. So again, I commend you, Mr. Chairman, and all members of this committee for seeking ways to improve our national ability to recover quickly from catastrophic events. We at SAP believe that resiliency must be at the center of U.S. homeland security planning and we stand ready to participate in any and all efforts to achieve this important goal. That concludes my prepared remarks, and I would be pleased to answer any questions. Chairman Thompson. I would like to thank all of the witnesses for their testimony. I will remind each member that he or she will have 5 minutes to question the panel. I will now recognize myself for questions. Mr. Baker, in your opening statement, you talked a little bit about how your office promotes resiliency. Can you identify a particular department, or component in a department, which you think is an example of resilience or one that you would consider a successful model? Mr. Baker. I would be glad to. I think that, in terms of allowing resilience, one effort that I would point to, which is a joint effort by the Coast Guard and CBP, is preparing for the possibility that our ports would be disrupted by an act of terrorism or by a natural disaster. CBP and the Coast Guard have set up mechanisms by which people who are coming to a port can learn what the status of the port is and then can report back to CBP and to the Coast Guard about what alternate ports they intend to use. This allows the trade of a lot of flexibility in deciding where they are going to go based on what the market calls for; but because they are in constant communication with the Coast Guard and CBP, it allows the Coast Guard and the CBP to move their assets quickly to new ports of entry to handle the new load that would come as a result of the ship. Chairman Thompson. Thank you. I would ask some things that you think Congress, as a body, could do to promote resiliency other than what we are doing now. Mr. Baker. I think these hearings are a very good start. Resilience is something that has to be part of all of the disaster planning, of all of the planning for an event; and it is something that requires that you ask in the emergency, ``How can we help individuals and businesses make good decisions on their own?'' There is no one solution to that, but I think drawing attention to the importance of resilience does help all of our planners address that issue. Chairman Thompson. Thank you. Dr. Sheffi, your testimony clearly states that a resilience-based approach to disruptions, including intentional, human-made attacks, is in a company's best interest. Do you have a guesstimate of where the private sector, as a whole, is in preparing for incidents like this? Mr. Sheffi. The quick answer is, no. But there is such a wide range of preparedness among companies. Even today, there are companies--let me mention the good examples rather than the not so good. There are companies like Intel, for example, that became a model of preparedness, drilling, resiliency. They even go-- every month, there is a team from Intel that goes somewhere in the world, to some plant, and says, ``Do you know this manufacturer of whatyamacallit part?'' They are now out of business. They run the whole plant to 48 hours of exercise in trying to qualify new supplies, qualify new transportation routes. Plant managers' bonuses are based on it. Now, they do a lot of other things, but that is, you know, a very good example. There are companies that say, ``We cast our lot with the rest of them.'' So there is such a wide variety in what you see. I can say that the good news here is that most large corporations are taking resilience seriously and are preparing and are drilling. Chairman Thompson. Well, we heard the AT&T example---- Mr. Sheffi. Exactly. Chairman Thompson [continuing]. Of what they do. Is there something you think Congress could do to encourage resiliency outside of government, to say, we think it is good for you to create a component for resiliency? Mr. Sheffi. There are two elements. As I say, there is a redundancy element. Redundancy costs a lot of money. For example, I have been--it happens to be dangerous to be around me because I was in London and in Madrid during the attacks. The first thing that happens is, the cell phone network goes down. You cannot communicate, and the lines outside, in a public phones, the few that are there, are, you know, enormous. Can there be some mechanism for the public sector to help the private sector invest in significant redundant capacity? Because this costs money. The part where companies know and help themselves is creating flexibility, because if one creates flexibility to be able to respond to disruption, by the same token, one creates flexibility to respond to the marketplace, to demand. There is one thing that is clear in all markets today, which is that demand is fluctuating more and more. There is more and more uncertainty in demand. Companies that can respond better to demand, to competitive pressures, to all kinds of changes are better off in the marketplace and can increase market shares. There have been quite a few examples of companies that, during disruptions, actually increase market shares because they were better prepared. Chairman Thompson. Thank you. My time has expired. I yield to the ranking member of the full committee, the gentleman from New York, for questions. Mr. King. Thank you, Mr. Chairman. Secretary Baker, if I could just ask you to look forward a bit to next December, what advice would you be giving to the incoming administration, no matter which party it is, as to what they should be doing, from the Department of Homeland Security's perspective, as far as increasing resiliency? Mr. Baker. I think the most important thing and the thing that is easiest to miss when you are new is the importance of planning and exercising for events so that it is not--as Dr. Sheffi said, it is not the theory of how you respond, it is a response that you have actually practiced. As you get older, it gets harder to learn except by doing, I find, and going through exercises as a way of ensuring that the government actually has a flexible response is probably the most important thing that a new administration can do. Mr. King. I know the Department has made a concerted effort to increase cooperation between Federal, State and local governments as far as sharing intelligence, as far as working together to head off attacks. When it comes to the issue of resilience, how much cooperation is there between DHS, the State and local governments and the private sector? Mr. Baker. I think our cooperation is good through fusion centers. We have come to know a lot of the participants in this process. As you know, the Congress created an Assistant Secretary for State and Local Law Enforcement. They have put that office in my office. We have appointed Ted Sexton, a former sheriff from Alabama, to that job. His first task is to look at the question of how do we build resiliency for law enforcement so that neighboring jurisdictions can supply law enforcement packages to communities in need on a fast basis but on an organized basis, so that it is not just individual police officers showing up without support. That is something that we are working on and expect to have a proposal for in the next few months. So that is something that, I think, will add greatly to State and local cooperation with the Federal Government in providing the fundamental order that allows people to go at the business of recovering on their own, bouncing back from a disaster. Mr. King. I do not want to turn this around on Secretary Baker, but do any of the other panelists--can they suggest what the Department should be doing that it is not doing or, say, what the Department next year should be doing to continue this effort? Mr. Southers. Mr. Southers. Yes, sir. On two fronts, first on the Centers of Excellence, I have the very unique opportunity--in addition to being Chief of Intelligence in Homeland Security, I am also an Associate Director of the Center of Excellence at USC. One of the things that we have done is, we have leveraged their research capabilities, what we are calling ``translational research,'' research that is going directly from the laboratory to the field and to the people who are operational. You have got 13 Centers of Excellence that, with all due respect, probably house the best and brightest people in this country who are researching homeland security solutions. I think we should, perhaps, leverage those Centers with our critical infrastructure sites that need that capability and that knowledge to test out possible solutions for resilience, should we have a man-enabled or a natural disaster. The second item is in the area of intelligence. It might be a wise suggestion or move to embed our regional security advisors, meaning the protective security advisors, TSA and surface transportation advisors, within the local fusion centers. We have the unique fortune at LAX of having every section or every agency of government at our airport, and so our relationship and our communication in terms of intelligence is pretty seamless. But I think if we were able to embed these folks into the fusion center we would then be able to enhance our risk-based decision-making with intelligence-led decision- making, as they are doing in London and in Israel. Mr. King. Dr. Sheffi. Mr. Sheffi. It is something more specific, maybe because I was born in a different country and I spent a lot of time in Europe. I was struck in the United States by the amount of volunteerism after a disaster and by how uncoordinated it is. There is a huge outpouring of goodwill and support that is not being captured. It happens in every big disaster in the United States. You see it, but there is no mechanism to capture it, to coordinate it and to use it. In addition to this, as far as the private sector is concerned, provide some type of regulation, some type of incentive for drilling and some type of auditing that verifies that companies are drilling and testing and that they are, you know, coming up to the standards of AT&T and of other good corporate citizens. Mr. King. Thank you, Doctor. Thank you, Mr. Chairman. Chairman Thompson. Thank you very much. We now recognize the gentlelady from Texas for 5 minutes, Ms. Jackson Lee. Ms. Jackson Lee. Mr. Chairman, let me thank you very much, and I thank the witnesses as we probe this topic. I do not think there is, certainly, a more important aftermath than the ability to get back up on your feet. It seems to be an American challenge. Certainly, we would like to think it is an American value as well. Let me just start quickly--and I have a series of rapid- fire questions, Ms. Arnold, just to ask you directly. Do you think the Department of Homeland Security has adequately focused on promoting resilience? Do you think the word is out that getting back on your feet is just as important as being able to counter the attack that may come, but that resilience in starting back up is crucial? Do you get a sense that there is that kind of focus at the Department of Homeland Security? Ms. Arnold. I do believe that both Congress and the Department are keenly aware that this needs to be addressed, and there is an understanding that there needs to be a collaboration and a streamline of communications. Ms. Jackson Lee. What do you see specifically that gives you the sense that that is happening, in that you are giving me that response? What is there concretely that suggests that that is the case? Ms. Arnold. Nothing other than just conversations with staff at this point. Ms. Jackson Lee. Let me move to Mr. Baker and ask the question about resilience and for you to give us some of the examples. I guess you stated some of them in your statement, but some--again, concrete examples and then results of the agency's emphasis on resilience. Mr. Baker. Yes. Thank you. As I said, we think that in many cases the key to resilience is to give people good information and to make sure that they have the freedom to act on that information. In the business context, where we are thinking about resuming operations at a port, we have an established mechanism for doing that. The same is true for ports of entry. We are all quite aware of the importance of the U.S.-Canada border economically and of the smooth flow of traffic across that border, even after an event, on the question of how will we resume traffic if there has been any interruption. Again, we have protocols designed to make sure that information gets to people who are coming across the border so they can plan, so they can adjust on their own to changes as a result of a natural disaster or an act of terrorism. Ms. Jackson Lee. Let me just ask if you could submit in writing maybe some concrete broader responses to resilience that relates to a broader sector. I will just leave that on the record---- Mr. Baker. I will be glad to do that. Ms. Jackson Lee [continuing]. And ask that you have that in writing. Let me ask Dr. Sheffi, and I know his name has been pronounced in many different ways, but let me welcome you---- Mr. Sheffi. Sheffi is fine. Ms. Jackson Lee [continuing]. And ask quickly if you look to New Orleans and you look particularly to the healthcare sector, there is no effectively running hospital. The public hospital is not open. What is your response to DHS's focus on resilience, and do you think that is a good showing of resilience when a city now 3 years late does not have a functioning public health sector? Mr. Sheffi. Tough question. I can only say that I was in Europe during New Orleans, and I thought it was al Qaeda propaganda, the thing they were showing on TV. So the magnitude of the failure was breathtaking, still going on. I actually don't think that the department of government in large part has been focusing on resilience. In large, it is totally understandable. Most defense forces, most governments think in terms of prevention, preventing an attack. That is what the public wants, the government to prevent it. It is actually, as the chairman said before, it is talking truth to the population, saying, look, we will not be able to prevent it 100 percent. That is not a stance that many executives like to take, because in some sense even talking about resiliency is admitting that failure is an option. It is much, much better-- -- Ms. Jackson Lee. So you think we have cracks in the armor? When we don't have a functioning hospital system that means we have a weak response in resilience? Mr. Sheffi. Of course. Ms. Jackson Lee. My time is short. So Mr. Southers, let me quickly ask you your experience regarding resilience in other countries where there have been terrorist acts. Do you have any sense of that that could be helpful to us? Mr. Southers. Yes, particularly in Israel they have a natural resilience. Everyone there is a first responder. Should there be an incident, everyone understands what to do. Their most important function in that country is a psychological impact that is going to be minimized by getting operations back in order. Same with London and the bombings that they had there. Getting things back in order is very important. So one of the things that we are trying to do here, as we respond to threats, we understand that threats can actually cripple the aviation domain. We are trying to be more intelligence-driven so that we can minimize the disruption and minimize the economic consequences of an attack or the threat of an attack to our aviation system. So those two countries in particular are certainly models of resilience as it relates to man-enabled disasters. Ms. Jackson Lee. I think we can look to those for guidance. I think there needs to be a resilience policy defined at the Department of Homeland Security. I yield back to the chairman. Thank you. Chairman Thompson. Thank you, Ms. Jackson Lee. I now yield 5 minutes to the ranking member, Mrs. Miller. Mrs. Miller. Thank you, Mr. Chairman. I like the sound of that very well. Thank you. I might pick up, Mr. Baker, with a comment you just made when you were responding to my colleague about the smooth flow of commerce between the United States and Canadian border, because I come from Michigan, of course, a border State. In my immediate vicinity, we have the Ambassador Bridge, which is the busiest commercial artery in the northern tier of the Nation, with a tunnel to Windsor underneath the Detroit River. In my immediate district we have the Blue Water Bridge, which is the second busiest commercial artery on the northern tier, and is the only one where you can transit hazardous material, as well as the CN rail tunnel that runs under St. Clair River, which is the busiest rail entry into our Nation. Immediately across the St. Clair River, if you are a good golfer you could hit with a golf ball--I couldn't, but somebody who is a good golfer could hit the largest concentration of petrochemical plants I think outside of New Jersey in our Nation as well. So we have a number of unique dynamics there. My question is going to go to how the Department actually works with the local communities, with the local counties, the States in particular on their response mechanisms and their planning process. It is my understanding that each of their respective States are responsible for constructing their own plan in regards to identifying soft targets, available resources that they may have, et cetera. I am just wondering how does the Department work with the various States in critiquing those plans? Do you do periodic updates? What can Congress do to assist the Department and the States? Mr. Baker. We do work closely with the States on their plans. We review them, we talk to them about them. We have to recognize that in an emergency, the State is the first responder. The local government is the first responder. Governors are quite jealous of their own authority to respond, and have a great confidence in their ability to respond. So we have to defer to their initial decisions about how to handle particular emergencies. But we have also learned the importance of having a very good plan that has been properly reviewed and exercised. We work closely with the States to encourage them to do that. We provide funding that assists them in preparing those plans. Then through fusion centers and the Homeland Security advisers, we provide a great deal of intelligence about the nature of the threat that they ought to be responding to and preparing for. Mrs. Miller. I just raise that question because I mentioned to you about the Blue Water Bridge. Several years ago, I personally went and looked at the viaducts, the underbody of the bridge on the Canadian side, where they had concrete embankments around all the viaducts. It appeared to me from a layman's term that they were fully prepared. Yet on the American side, on the Michigan side there was nothing. I personally called the Department of Transportation and said for goodness sake, get some concrete embankments around here. You could imagine if someone blows up one of these viaducts what it would do to the economics of the Nation, because both the genesis of I-69 and I-94 are at the foot of that bridge as well, obviously huge trade routes. So I just wonder how the committee worked with that. If I could, because I am running out of time here, I was very interested in your reference about the reverse 911. Could you sort of flesh that out for me a bit? Is this something that is just working in California? I wasn't familiar with that. Is it happening around the Nation? Mr. Baker. It is technology that was developed privately by a company that is now being rolled out in a variety of places. I think the company is from Indiana. It is a very valuable opportunity to communicate with citizens. But it is really just the beginning. All of us now carry cell phones that are capable of receiving messages that are targeted to at least broadly the location, because the cell tower we are all in communication with is a local spot that can be identified. It is true that cell phones stop working in emergencies, but text messages are much more likely to get through. Developing mechanisms and standards for communicating to people in an emergency what we know using text messages and perhaps getting text messages back is something that we are exploring quite actively right now. Mrs. Miller. Thank you very much. I guess I have 20 seconds left, so I will make one comment to Dr. Sheffi as well. I appreciate your comment about all the volunteerism that America has and throughout generations it has always been part of our strength. But I would say that I think the American Red Cross is a mechanism that we have put in place. Obviously, in the largest room there is always room for improvement. But the American Red Cross does a remarkable job in times of need to try to harness some of the volunteerism and shift those resources where they are necessary as well. I just want to make that comment as well. Thank you, Mr. Chairman. Chairman Thompson. Thank you. I will now recognize the gentleman from Pennsylvania for 5 minutes, Mr. Carney. Mr. Carney. Thank you, Mr. Chairman. Professor Sheffi, testimony from AT&T asserts that the metric for being resilient is resumption of activities within 72 hours. Does that metric make sense to you? Mr. Sheffi. Can we go to the next--no. Seventy-two hours may be obviously too long. One has to leave within 1 minute. AT&T understands their own technology better than anybody. The question is really what would it take? You want to get back within, you know, 72 seconds. The question is, is it technologically feasible? It is actually easy. Some of it is technologically feasible. The question is the price and who will pay for it. So when one said is 72 hours enough? No, it is never enough. One can always do better. But every company has to balance, you know, risks, shareholders, customers. AT&T, like any other company, I am sure does this type of balance. The role of the government, coming back to one of the questions before, is the government can actually tilt the balance. The government, through various actions, regulations, taxations can move AT&T and corporate companies like it to change their calculations about where the balance should be. Mr. Carney. Ms. Arnold? Ms. Arnold. Yes. Mr. Carney. I am over here. How do you quantify whether SAP is resilient? What metrics do you have? Ms. Arnold. What I can tell you how we look at our software solutions are very holistic, enterprise-wide from the tree top level down to the most granular down to a bin in your warehouse. Most of the software is provided with automatic alerts. So rather than waiting for a full-blown issue to arise, what we find with our software is that in many cases you are alerted to a small glitch before it becomes a major problem. Then as it escalates, if it shouldn't be solved at that level, then everybody from the plant manager all the way up to the CEO can be notified. One of the things that SAP does in our software is go through various scenarios. What if this? What if that? What are other suppliers if this supplier goes down? You can actually have visually go onto your plant floor and if you have an engine that is overheated in a critical part of your manufacturing plant, you can then switch that engine off and then go to another. So I guess what we would argue that we provide is real-time data to our customers as possible so that they can react quickly and collaboratively and with all of their partners. Mr. Carney. Is that resilience or is that just standard operating procedure? I mean, resilience seems to me being able to bounce back after something happens. Ms. Arnold. Sure. Mr. Carney. What is the metric for that that SAP has? Ms. Arnold. We would say from a resilient standpoint again is having redundancy. Again, when you have--we break out the whole solution so that when a company is making their planning processes, if supply A goes away, then generally they will have the ability to have identified supplies B, C, and D, and not miss a beat if supply A goes down. Mr. Carney. Okay. Thank you. One more question. From your point of view, do you think that DHS is adequately focused on promoting resilience? Ms. Arnold. I think that the Department of Homeland Security is extremely sensitive to what is going on, and is certainly addressing, making every attempt to address those needs at this point. I think that the dialog is just beginning and will continue to do so. Mr. Carney. So that is a yes or a maybe or---- Ms. Arnold. I think everybody involved is trying to do the best they can would be my answer. Mr. Carney. Okay. Mr. Southers, just a quick one, can you provide us your assessment of the quality and timeliness of the intelligence, the information you receive from TSA and DHS, intelligence community, et cetera? Mr. Southers. The timeliness that we have at LAX is quite extraordinary. We have officers that are in the fusion centers on both the Joint Terrorism Task Force and the Joint Regional Intelligence Center. They certainly could be enhanced, as I mentioned earlier, if some of the DHS assets were embedded in those centers as well, and also if some of our officers were given additional opportunities to staff those centers. But it has been seamless as a great result due to the Joint Terrorism Task Force and the fact that we are actually sitting in the same room sharing the information. Mr. Carney. Thank you. No further questions, Mr. Chairman. Chairman Thompson. Thank you. We now recognize the gentleman from New Jersey, Mr. Pascrell. Mr. Pascrell. Thank you, Mr. Chairman. Dr. Bailey, AT&T, do you have the State and local and Federal Governments participating in your exercises? Ms. Bailey. Sometimes we do. You are referring, I believe, to our network disaster recovery exercises. Mr. Pascrell. That is exactly what I am referring to. Ms. Bailey. Frequently we do. In fact, we had in an exercise that we held in the Washington, DC metropolitan area about a year or two ago, we had participation from the Department of Homeland Security specifically to trial some credentialing technologies and capabilities. Mr. Pascrell. Do you share information with the Department of Homeland Security? Ms. Bailey. Yes. Absolutely. We share--in fact, we hosted a commission from DHS just last week up to our global network operations center. I personally participated in that meeting with Secretary Jameson to share our approach, our challenges, and leverage DHS. I also do want to comment on the very good support we get from DHS as it relates to the sector coordinating council for telecommunications. DHS operates something we call the NCC NCS, national coordinating center for telecommunications. It is identified as the telecommunications coordinating council participating--you know, participants include all the major carriers as well as DHS officials. It has been in existence for many, many decades. It has served to be extremely helpful in preparing us and enabling us to coordinate to be prepared, as well as to coordinate after an event, to share information, to get information about, for example, in Katrina where exactly is the water so that we cold see what pieces of our infrastructure might be vulnerable. DHS has recommended expanding the notion of those sector coordinating councils across all the major critical infrastructures. I highly support that kind of an approach. It has been very helpful. Mr. Pascrell. Secretary Baker, I believe since the attacks of September 11, 2001, we have all said that it will take a truly multi-faceted approach to keep our Nation safe in the face of numerous threats. That, I assume, is, hopefully, and the committee believes this, a bottom-up approach that involves the community, regional planning, excuse my back, I am over here, and trained volunteers, talking about the doctor mentioned volunteers. There are two issues I would like to talk to you about. There is a story in the paper today, USA Today, let me read you the headline, ``Hospitals Can't Handle Attack''. Very interesting review. This is one aspect of it, but I think it is very, very, very reflective. They can't even withstand an attack from a modest--a modest terrorist attack. In fact, of the numerous cities that were involved, the seven major U.S. cities, Washington, Minneapolis, Los Angeles, Chicago, Denver, Houston, New York, they have a total of about 100 beds were vacant on the day they chose to do this test, March 25 at 4:30 in the afternoon. This is a disaster. It is not acceptable. We knew about it 6 years ago. There is no resiliency here whatsoever. These are hospitals that were very interested in serving. But what is more interesting is that this administration wants to cut Medicaid dollars, which in the words of Irwin Redlener, who is director of the National Center For Disaster Preparedness at Columbia University in New York, would even make matters even worse. We have a, he says, a really serious catastrophic acute event, a nuclear detonation or widespread chemical attack, we have thousands of victims simultaneously, there is no urban area that is prepared for large scale disasters. Why under those circumstances, Mr. Baker, would the administration be recommending cuts in Medicaid, which will only make this situation worse and exacerbate it? Mr. Baker. Well, as DHS's policy director, I have got a lot of responsibilities. Medicare isn't one of them. But I do want to answer your question. Mr. Pascrell. We are all working together here, aren't we? Mr. Baker. We are. Mr. Pascrell. Is this the Homeland Security Department that is looking at its own responsibilities over here and the administration is talking about an umbrella or comprehensive-- and certainly it impacts you. Mr. Baker. It absolutely does. We are committed to planning for a disaster, including a nuclear detonation. Mr. Pascrell. How are we doing in hospitals? Mr. Baker. We certainly, as you heard Dr. Sheffi say, building redundant hospitals that will sit there waiting for a nuclear explosion is not an answer to our needs. We will have to respond by using every available facility, including prisons and schools as hospitals---- Mr. Pascrell. Are there such plans to do that---- Mr. Baker. There are plans to do that. Mr. Pascrell [continuing]. Secretary Baker? There are no such plans, Mr. Baker. Mr. Baker, let me tell you something very important. Forget about attacks from the outside, you know, from some foreign nut case, let's talk about what is happening in the United States if we had huge disease spread out over the United States of America or in any particular section. Our hospitals are not ready to take care of that. Where is the resiliency there? Mr. Baker. I asked our director of health affairs about that. I said does the fact that the emergency room is full mean that you don't have an ability to respond to a disaster? He said not necessarily. I had a plane crash when I was running a county emergency system, and I called up the hospitals, and I said we have a plane crash, we need--immediately, we need beds. What they did is they stopped all the elective surgery for the next 3 days and they immediately freed up beds. Now they can't do that every day. Mr. Pascrell. Do you know how many beds were available at that particular time in March in Washington, DC, where we are sitting? Do you know how many beds were available? Mr. Baker. I don't know the number. Mr. Pascrell. Zero, nada, nothing. Mr. Baker. I will also bet you that there were people in beds---- Mr. Pascrell. That we could put out of beds, throw them out of bed. Mr. Baker [continuing]. Did not have to have surgery. Mr. Pascrell. How many people you think we could do that to? You have any idea how many people we could do that to? Mr. Baker. My understanding is there were a large number of beds were freed up by that. Mr. Pascrell. The resiliency, Mr. Chairman, is a beautiful word, multiple syllables, sounds good, very important. Very significant. I like the word. I like the etymology of the word, too. I won't go into that now. You talked about redundancy and flexibility. Hospital systems do not have that. The hospital systems don't have the luxury. If they don't get help--not only are they not going to get help, we are going to cut Medicaid. We are going to make it worse. Thank you, Mr. Chairman. Chairman Thompson. Thank you. The gentleman from New Jersey makes his point, as he always does. The gentleman from North Carolina, Mr. Etheridge, for 5 minutes. Mr. Etheridge. Thank you, Mr. Chairman. Let me sort of change the conversation to a little different area, but it deals with the same problem. Because I am always interested in how homeland security can address the safety and security of schools and school children, because they are part of this country. A critical part we tend to forget in New York, the schools were disrupted and children were for a long period of time. We didn't hear a lot about that, but it was. Specifically, whether it be a natural or manmade, it is still a problem. Because it is important to get communities back flowing and working. If you have children, parents understand that very quickly. For communities it is a critical piece because it is part of the resiliency. If you look at what has happened in New Orleans, schools still aren't operating, children aren't in school in some places. If you go to Houston, they are overcrowded. They still have the problems. So my question is this, Mr. Baker. How is DHS looking at resiliency as it pertains to school and the need for communities to provide essential services after a disaster? But also to prepare for it before it happens? Mr. Baker. We strongly recommend and support, including with funding through UASI and other programs, planning for a disaster that will affect a particular city. So that the cities who are having the responsibility typically for education will---- Mr. Etheridge. No, sir, it is not the cities. Mr. Baker. The local governments that have the responsibility for the schooling of our children---- Mr. Etheridge. But the Federal Government has the responsibility for the overall broad planning. Mr. Baker. We do have responsibility for making sure that there are plans. It is important, as I said when I was making my earlier statement, that we recognize that if resiliency depends on some central government making all the decisions, we will always have a brittle system and not a resilient system. We have to allow local decision-making, the creativity to respond to local conditions. That includes the creativity to come up with particular solutions that reflect the educational institutions that are in the area. So we encourage local planning for local disasters, and then we will back the schools up and we will back the communities up with Stafford Act funding and responses in the event of an emergency. We can help them with the planning. We can't do and shouldn't do the planning for them. Mr. Etheridge. Thank you. You are aware there is Federal legislation that requires Homeland Security to provide a template for schools to look at. I assume you are aware of that. Mr. Baker. Yes. Mr. Etheridge. They would also include in the legislation to make it available for the planning that has been introduced this year, I hope you take a look at it, to provide for some resources. It is one thing to do the planning, but if you don't have the resources the plan doesn't work too well. So I hope you look at that. Mr. Sheffi and Ms. Arnold, how can we help schools reduce vulnerabilities and improve the resiliency that we are talking about? What analysis is necessary to determine, I guess to determine where vulnerabilities can be reduced or mitigated? How can we work to develop plans for schools to bounce back after we have these disasters? You talk about how important it is. So what are some of the things we can do or should be doing? Ms. Arnold. Congressman, I think one of the things that I would suggest is that you look to the country of Switzerland. Switzerland about 3 years ago built a centralized system to coordinate medical response to large scale crises. During that program, what that they pulled together was their fire brigades, their medical teams, their first responders, their emergency control centers, and they centralized it into one Web-based scheme. They found, they did a medical analogy, that most people suffer the gravest injuries within the first 60 minutes of being injured. So their main mission was to get people treated before 60 minutes was up. When they first started out, they literally had to make, as somebody said earlier, phone calls to say do you have a bed in your district because I have got a burn victim or I have a car fatality, blah, blah, blah. Once this became automated with the supply chain management system you had an end-to-end visual of where your hospital centers were, where your fire brigades were, and you could deploy them in the most fast and effective means. You could determine, based on the casualty, which hospital was best suited to take the injured individual. Also the first responders were able to look at what we call the standardized best practice. So, you know, if this then do that. So we kind of brought everybody into the mode. Then on top of it they were able to manage their beds. I thought about that example as I read that article this morning about our beds being in such short supply. So I really think what needs to happen is a centralization, a standardization of data going into that central repository that needs to be easy to use so that all levels can tap into it, and it can be Web-based, and that there need to be, you know, some standard practices. And that you have a full and real-time scenario of where your assets are and how you can best deploy them. Whether it is a school system or, God forbid, a flight go down, you can see how this is very scalable. In fact, it went live in 2005, and they did a demonstration at the World Economic Forum in 2005. So there are examples. I will grant Switzerland is a very small country, they only have 26 as they call it cantons or administrative regions, but I do believe there are some lessons to be learned, and ones that we can import back to this country. Mr. Etheridge. Thank you. Chairman Thompson. Thank you very much, Ms. Arnold, and a staff member will talk to you a little bit after the hearing about some information on that subject. Ms. Arnold. Sure. Chairman Thompson. We will now recognize the gentlelady from the Virgin Islands, Mrs. Christensen. Mrs. Christensen. Thank you, Mr. Chairman, and thank you for this hearing, because resiliency is, I think, where we need to be focusing. We know that you can't protect us 100 percent, prevent 100 in bioterrorism. We know we have no clue what the bug might be or how it might be altered. Both from real-life experiences and from some of the exercises that we have held, we know that our weakness has been in recovery. And that is resilience. We have seen the Department move away from things like something that I know from my district Project Impact, where we set up public-private partnerships ahead of time to mitigate and to, you know, strengthen the ability to be resilient in communities. So that is--I am glad we are having this hearing. I want to go back, as you can imagine, to the hospital issue. In most of those situations, not only are there no beds, but there are people in the emergency room waiting for beds. So, you know, it is not really that easy to move people around. But every time we look at the Department's budget, the budget for health and the part of the budget set aside for health and hospitals does not reflect the importance of helping our hospitals to become resilient. Are you seeing any change in that as we get ready for next year? Mr. Baker. I will be glad to address that. I think that we have reflected in the last few years the importance of the health issue and the resources that are brought to bear in the event of a bioevent of some sort, including a natural infection. We created an Office of Health Affairs. The budget for that has increased significantly, and it has been given new authorities in the last few years. Mrs. Christensen. We appreciate that. But it doesn't help us out in the different cities. Mr. Baker. Yes. Mrs. Christensen. I remember going to Oakland Highland Hospital, a level one trauma center, and yes, I asked them-- this is a couple of years ago. They got maybe a couple hundred thousand dollars. It doesn't go very far. Mr. Baker. As far as that goes, we don't have the ability to say we should have twice as many hospitals, we will fund them and have them on the shelf waiting for an event. We have to encourage local governments and States to plan with the resources they have and to come up with a mechanism for dealing with emergencies. I would just say while I don't pretend to be an expert, I think HHS knows much more about this than I do, about the ins and outs of particular hospital availability in the event of a crisis, the fact is that every hospital, even if they have a crowded emergency room, has elective surgery candidates who are showing up every day. I know I have had shoulder surgery probably 5 years ago, and if somebody called me up and said we have had a plane go down and we have given your bed to somebody who was burned in that accident, I would have understood and waited another 6 months for shoulder surgery. So we do have some capability to respond to an emergency. Mrs. Christensen. Well, I hope that, Mr. Chairman, that we could have a hearing just devoted to this issue. Are you familiar with the system or that room that Secretary Tommy Thompson had set up where we are supposed to be able to know hospital bed capacity in every hospital in every State, city, and be able to utilize that in a disaster emergency? Mr. Baker. I have seen the---- Mrs. Christensen. Is it operational? Mr. Baker. I have seen the Health and Human Services intelligence center, which is operational. If that is what you are talking about, I have been to it. It is in operation. I don't know whether it has all of the information that you talked about. Mrs. Christensen. Thank you, Mr. Chairman. Chairman Thompson. Thank you very much. We now recognize the gentleman from Washington State, Mr. Dicks, for 5 minutes. Mr. Dicks. Well, after listening to this discussion about the hospitals, Secretary Baker, you get into the question about anthrax, and a possible--that kind of an aerosolized anthrax attack. Your point is well made that what we really need is to have the individuals have this medicine to be able to take. How many people have this? Nobody has this, right? I mean this is a theory, or this is what we would like to have. But people--do people actually have these drugs or can they get them? I mean can Members of Congress, you know, go to wherever we go and get a handful of these things? Mr. Baker. I wouldn't recommend getting a handful. Mr. Dicks. Well, whatever the appropriate dose is. Mr. Baker. I don't want to go into too far into territory that is really the responsibility of Health and Human---- Mr. Dicks. It is in your stable. Mr. Baker. Yes, and our job is to be prepared for an attack and to think about---- Mr. Dicks. We are not prepared for it. Mr. Baker. We have a rather detailed plan for delivering countermeasures, including cipro and doxycycline to the area where an attack has occurred. Mr. Dicks. But as you say, if you don't get them within a matter of hours, it doesn't make any difference. Mr. Baker. This is---- Mr. Dicks. So in those cases, I would go back and argue that maybe prevention and deterrence, whatever way to stop this from happening in the first place, is just as important as resilience if resilience is not possible. I mean, maybe in the telecommunications area you can restore something in 72 hours. In this area, unless you give the people the pills within a matter of hours, they are going to die. Mr. Baker. I could not agree more. I share that concern. Mr. Dicks. So prevention is a lot better option to me than something--I mean, you can call it resilience, whatever you want to call it, but it is not going to work and people are going to die. Mr. Baker. The faster we can get these countermeasures in people's hands after an attack the better. While we do have a plan for delivering them, having them actually on hand in the home, in the office is a very prudent step for people to take. I want to be cautious about that, because having antibiotics on hand and taking them for something other than a serious event could build resistance to antibiotics, which of course is a major concern of the public health community. They have been very cautious about recommending that people keep these stores in their home. We are working with them now to see if there isn't an appropriate solution to that problem because of the importance of responding very quickly to an aerosolized anthrax attack. Mr. Dicks. How many years do you think it will take to get an answer? Mr. Baker. I am hoping for an answer in months rather than years. Mr. Dicks. Does anybody else out there want to comment on this what I consider to be a dilemma? I mean, if you can't--I mean, to me it seems as if prevention in this area is critical. Maybe some areas, you know, telecommunications, yes, you can restore that and it is not the end of the world. But in some areas, you know, if you don't prevent the accident, a lot of people are going to die. Just as the gentleman from New Jersey points out, we don't have--I happen to be one of those people, by the way, I was having an operation when I was 24 years old. I was actually on the operating table and there was an earthquake in Seattle. The dust fell, and the paint fell, and they took me out and they opened up the facility in case there were emergency victims. So that does--that can work. But that would be such a small number of beds. If you had a catastrophic attack on Washington, DC, I am not sure that policy is going to get you very far. Mr. Baker. Absolutely. We would have to turn to a whole host of other alternative institutions. Mr. Dicks. Well, Mr. Chairman, resilience may be the word for the day, but I am for prevention. I think prevention still should be up there at the top of the list. Thank you. Chairman Thompson. Thank you very much. I now recognize the gentleman from California for 5 minutes, Mr. Lungren. Mr. Lungren. Thank you very much, Mr. Chairman. I appreciate this hearing. Though I have not been here, I have gone through the testimony of the witnesses. So let me ask somewhat of a general question. That is this. With certain elements of our private infrastructure, the immediacy of getting their function back up is part and parcel of what they do. Financial institutions, if they were disrupted for more than 24, 48, 72 hours, it really affects them. So it seems to me that building in resiliency to make sure that doesn't happen can be justified as part of the bottom line. Similar with telecommunications companies. But there are a whole other set of infrastructure in the United States where the immediacy perhaps is not such that it would be readily apparent and accepted in the bottom line. So what do we do as a government to work with the private sector, or what incentives do we need or what regulatory mechanisms do we need such that resiliency as understood in today's discussions would make sense from a corporate decision-making standpoint to go to the bottom line? I hope I am clear on that question. But it is one that has intrigued me for some time. On the one hand, we understand that 85 percent or whatever the number is, 85, 87, 90 percent of critical infrastructure is actually owned by the private sector. But sometimes the kinds of things that we need to do to protect against terrorist attack or to respond to a terrorist attack or other kind of abnormality which would cause disruption is difficult to calculate in the bottom line, and I presume for corporate leaders to be able to justify to their stockholders. Therefore, it seems to me there must be a role the government should play, but I am not sure exactly what that should be. I wonder if the panelists might have a comment on that. Mr. Sheffi. I will try to answer. First of all, I am not sure that there are such assets. In today's, we have gone through 20, 25 years of making corporations very lean and very, you know, using low inventories, using just in time, which means that assets are utilized extensively, which means that whatever the company is doing, whatever the enterprise is doing is geared toward, you know, adding value and adding to the bottom line. So it is not clear that there are examples where assets are just standing there, yet they are important for national resilience and companies wouldn't care about it. It is not clear that this is a big concern. Because whether it is, you know, AT&T Communications or, you know, a manufacturing plant or a warehouse or distribution center or store, if Wal-Mart loses a store, they would lose revenue. So it is not clear that there are many assets in the private sectors that are not tied directly to the value stream of that company. Mr. Lungren. So in other words, you don't think there is anything the government needs to do to raise the visibility of that issue to corporate America in the area of infrastructure? Mr. Sheffi. No. We talked before about an example that AT&T raised, that they have 72 hours to come back to the same level of service. My comment was why 72 hours? Why not 71? Why not 75? Is 72 hours a good number? But the issue is with the current incentives that the government provides through taxation and regulation they chose 72 hours as a combination of what they can do with the current technology, what customers expect, what they think are their corporate social responsibilities. However, if the government would make a statement that, you know, 41 hours, you know, is the right number, and have some both regulations and incentive to do it, they would change the calculations of AT&T or other companies. If the government thinks that getting supply of, I don't know, Campbell's Soup is important, so Procter & Gamble would change its calculation in how it thinks about resilience. So the government certainly has a role. The government has to decide what is important and how important is it. Do we want it back in so many hours, in so many days? What kind of disruption? Let me stop there. Mr. Baker. I think you have put your finger on a very good point. It is very hard, though, for the government to have an overarching standard for exactly how resilient a particular industry ought to be, because that will change as people's perception of the risk changes. The financial institutions that today have warm backup centers that are ready to take over all their transactions in an instant did not have that on September 11. It was only the realization of how at risk they were that led them to adopt much more extensive redundant systems. On the other hand, the market punishes failure to prepare for this and rewards a company that prepares. Wal-Mart did an excellent job of responding to Katrina using their very extensive IT system so that they had people and stores and delivery trucks ready to reopen almost immediately after the hurricane passed through, and as a result, made a lot more money than their competitors who were slower off the mark. Mr. Lungren. So at least one of the things the government ought to do is be as transparent as possible given the fact we that don't want to give away intelligence secrets, but to inform those who have critical infrastructure as well as the general public that the nature of threats, the extent of the nature of that threat, and so forth. Mr. Baker. I think that is exactly right. We can point out threats that the private sector may not be aware of, problems that we see. We have recently addressed the question of what would happen in the event of avian flu, a pandemic in which everybody should stay at home and work from home. That is fine. That is a great new technology that we can use to avoid people coming into contact with each other unnecessarily. But right now the telecommunications infrastructure does not fully support that. We need to address that. Mr. Lungren. Thank you. Chairman Thompson. Thank you. The gentleman's time has expired. We now recognize the gentleman from Texas, Mr. Green, for 5 minutes. Mr. Green. Thank you, Mr. Chairman. I thank the witnesses for the testimony that we have heard. Ms. Arnold, if I may, do you have a person within your operation who is charged with resilience implementation? Ms. Arnold. We actually have a number of--not one specific person who is charged with resiliency, but we divide up the industries into 26 sectors and then we work---- Mr. Green. If I may do a quick follow-up. I asked about a specific individual because if some branch of government wanted to contact your company, would that person then call 26 different people or is there a person that would be called? Ms. Arnold. If it was public sector, yes, there would be a public sector person that you would call. Mr. Green. So you do have a person that is available for the Federal Government to contact? Ms. Arnold. Correct. If they want to talk about public sector solutions. Mr. Green. Does that person have someone at the Federal level that he or she can immediately contact, a name and means of contact, communication with someone at the Federal level that is already known to you? Ms. Arnold. I am not sure I understand the question. Mr. Green. Well, what I am getting at is if you needed help---- Ms. Arnold. Yes, sir. Mr. Green [continuing]. And you wanted to get over to someone at the Department of Homeland Security, do you now know the name of the person or the organization that you would immediately call? Is that already in place? Ms. Arnold. We work extensively with Customs and Border Patrol, yes, sir. Mr. Green. I will take it from this answer that you are not giving me a yes or a no. I am not trying to press you too hard. But is there a person that you--some person that you are to call, some agency that your person already is aware of that he or she contacts? Ms. Arnold. Generally, our folks with the chief technology and chief operating officers for the departments and agencies. Mr. Green. Is there a codified plan in place such that in the event of some unforeseen ugly circumstance your person knows that he or she is to call this person with the government? Ms. Arnold. In the case, for instance, of Customs and Border Patrol, yes. There are several folks that know to--they work in concert. We work on a daily basis. Mr. Green. I am asking this line of questions because it seems to me that the web of resilience should be woven such that there is some sort of interconnectivity between public and private and the government. There ought to be some web that causes each business to have a means by which it can communicate up the line to some other person. Is that web in place? Ms. Arnold. That web is in place. Actually, we have services folks that are dedicated to a department and work hand in glove with them if they have an SAP solution and running that. If there is, in fact, some sort of catastrophic event, can certainly assist them in the deployment and addressing any kind of concerns. Mr. Green. Let me speak on behalf of probably a good portion of the American population when I say to you it is perceived that when the local government fails and the State government fails, it is perceived that the Federal Government should prevail. It is also perceived that in Louisiana, in New Orleans when the local and State did not step up to the plate, the Federal Government to a great extent, the level of participation was observation immediately after the catastrophe. It seems that there should be a plan in place when it comes to health care, food, water, justice system, and communications. There should be some plan that the Federal Government has when local and State government can't deliver. There are things that happen that will cause local and State government to be ineffective. At this point, the Federal Government has to become efficacious. I am not hearing about the plan that the Federal Government has when the State government can't step up and the local government can't, when they can't. Do you have something that is the equivalent of the MASH units, the Mobile Army Surgical Hospitals? Do you have the equivalent of some sort of mobile distribution system that is already in place and can be dispatched quickly? Do you have boots that can go on the ground immediately to give us that law and order that we finally saw in about day five, six, seven in Louisiana? Do we have a food distribution system that is in place in the event a State and local government can't deliver? Is that plan in place? If that plan is in place, my assumption is it is linked to some sort of network within various States so that it can be an effective plan. Mr. Baker, could you kindly respond, please? Mr. Baker. If I could give you a short answer, it is we have plans to provide all of those things in support of State and local governments when they ask. We do not, in general, plan to take over from the State and local governments for obvious reasons. They rarely believe that they are going to suffer that kind of loss of control. Mr. Green. Okay. Mr. Baker, with all due respect, and I appreciate what you are saying about the sovereignty, if you will, of the State government. I appreciate it. But we are talking about something now on a massive scale. God forgive that it would ever happen, hope that it won't happen, but let's assume that the State government is ineffective because it has been damaged severely. You must be prepared to deliver at this point in my opinion. Mr. Baker. Since we can deliver on request, we can also deliver when we determine that it is necessary to do so. I just want to caution that States are quite concerned if we started to plan to take over. Mr. Green. I don't want you to do so, but what I don't want to see is people on top of buildings with signs saying help me and the Federal Government flying over in planes and not helping. That is what I don't want to see. So there must be some means by which we never, ever, ever allow what happened in New Orleans to happen again. There must be some means by which we can prevent this. That is the plan that I am looking for. Mr. Baker. We share that hope. Mr. Green. Do we share the plan? Mr. Baker. We have the capability. We are working on additional---- Mr. Green. I have the capability to do surgery with a certain amount of education, which I do not have right now. Okay. Mr. Baker. You are doing pretty well. Mr. Green. What I want is to know that my government is using the capability that it has so that it can produce a product. Thank you, Mr. Chairman. I yield back. Chairman Thompson. Thank you. We now recognize the gentlelady from New York, Ms. Lowey, for 5 minutes. Mrs. Lowey. Thank you very much, Mr. Chairman. Again Assistant Secretary Baker, we have been talking earlier in this hearing about communication problems that have plagued first responders in every emergency in the last 15 years. We have heard enough about Katrina. The fiscal year 2007 Homeland Security appropriations bill included multiple provisions that I had the privilege of championing with the help of our good Chairman related to first responder communications. Included were several provisions on planning and backup systems to implement the global networks went down, as in New Orleans. Earlier this year the FCC ended the digital television transmission spectrum auction without receiving the minimum bid to build the D block spectrum that was reserved for public safety. Addressing these issues should be one of the Department's top priorities. Assistant Secretary Baker, I was interested to read the portion of your testimony that promoted reverse 9/11 and enhanced 9/11. In New York, the State emergency management office has developed New York Alert, an all hazard Web-based alert and notification portal that can activate the emergency alert system and send blast fax, e-mail, text messages, phone calls, et cetera, to subscribers across the State or to customized groups. This sounds just like the communications network you are promoting that enhance resiliency. Correct? Mr. Baker. Yes. Mrs. Lowey. However, the Department has turned down requests to provide funding for this program. In fact, grant guidance for the FEMA Predisaster Mitigation Program explicitly excludes this type of program. I am really puzzled that one branch of DHS supports alert systems, but when it comes to providing funding another branch opposes it. Assistant Secretary Baker, can you tell me what you are doing to ensure communications resiliency and can you explain this? Mr. Baker. I am not familiar with the grant guidance that you are talking about. We are certainly supportive of New York's efforts to do the kinds of things that you are talking about. Mrs. Lowey. What does ``supportive'' mean? It is a good idea. Mr. Baker. It is a good idea. I would not say that we have failed to fund New York's efforts to respond to emergencies, to build homeland security programs across the board. The grants to New York City and State have been quite substantial for obvious reasons, because we think that they are under a substantial threat. Whether all of the grant programs are focused on new technologies or only some of them are available for that, I am not in a position to answer. But I will take a look at that and I will get back to you because, as I said in the testimony, and I have said here today, these new technologies are crucial for our ability to respond flexibly and show the resilience that the committee would like us to show and that we would like the citizens to be able to show. Mrs. Lowey. Well, I would appreciate you getting back to me, because the FEMA Predisaster Mitigation Program explicitly excludes this type of program, which is quite extraordinary to me. Thank you very much. Dr. Bailey, what lessons could DHS learn from AT&T to increase the likelihood that our communications networks will survive major incidents? Ms. Bailey. Wow. That is a loaded question. Well---- Mrs. Lowey. Well, I think it is important. If we are talking about resilience and if we don't discuss the facts and we are not preparing and the chair, and I and many of us have been talking about this issue for 5, 6 years, yes. Ms. Bailey. Wow, lessons learned. Certainly the attention to--admitting up front that bad things will happen. I think Dr. Sheffi mentioned that early in one of his responses. Bad things happen all the time. So it is not just being prepared for the very rare but very severe, you know, devastating, you know, terrorist attack, but also the day-to-day nasty things that happen. The pool chemical warehouses that catch on fire and release chlorine gas, the train derailments and the like. All of those can in many ways be---- Mrs. Lowey. I don't mean to interrupt, but I have a couple of seconds left. Ms. Bailey. Okay. Mrs. Lowey. But what from your procedures, from your technology, what could you teach not Assistant Secretary Baker, let's say what could you really show DHS and how do we get it done? You know, we have been having these hearings for years. The private sector knows they have to do it or else they are going to lose a lot of money. We are going to lose a lot of lives and money and everything else. So what could you teach us? Ms. Bailey. Wow. Well, certainly there are the physical threats as well as the cyber threats. We would be very interested, in fact we are sharing our approaches to cyber security, for example, with DHS to address both the prediction and prevention, which is surprisingly more significant of an opportunity than certainly AT&T ever expected until we started looking at the traffic profiles and realizing that there are signatures of attacks actually before they happen, and if you can leverage that signature, you can buy yourself planning time and preparation time that is extremely valuable to mitigate the impacts. So that is just one example of what AT&T can and would love to share with DHS in terms of our capabilities. Mrs. Lowey. My time is up, but I would hope that the expertise that AT&T has could be shared. In fact, I would hope we get to the point where DHS can be the initiator of some of this technology so we can all benefit, not that we want to compete with AT&T. But we thank you for your leadership. Thank you, Mr. Chairman. Chairman Thompson. Thank you very much. We now recognize the gentlelady from California, Ms. Harman, for 5 minutes. Ms. Harman. Thank you, Mr. Chairman. I want to commend you for holding the hearing on this important subject and to make certain that those listening in know that the Subcommittee on Intelligence, which I chair, will hold another hearing on this subject in a few days. Steve Flynn, a noted author, will be one of our witnesses. I think it is very important that we consider resilience as we consider whether our steps to protect our homeland are adequate. Ms. Harman. I also want to apologize to you and to our witnesses for not being here during their testimony. I had two other hearings at the same time, and my little body went to both of those and is now here, hoping to ask a few questions. Finally, I want to welcome especially Mr. Southers, who hails from Los Angeles and who works for the Los Angeles World Airports. LAX is in my district's backyard. I surround LAX, and it also happens to be, as I am sure he said, one of the top terrorist targets in the United States with a history of prior attacks. Make no mistake, if an airport is attacked in our future, it is more likely to be LAX than any other airport; and that gets my attention, and that is why mine is a very familiar voice in the halls of the LAX administrators, maybe a little too familiar. I stay up at night, worrying about what could happen to that airport and particularly worrying about threats posed by vehicle-borne explosives, which according to the RAND Corporation and to others who have looked at this is the most likely kind of threat that could occur at that airport. So I applaud your effort, Mr. Southers, to move beyond the traditional role of airport security teams. Real-time intelligence is a crucial tool to protecting critical infrastructure such as LAX, and your airport randomized vehicle checkpoints, which I have noticed, since I go through them all the time, are praiseworthy. Critical infrastructure protection units are probably very useful as well, but as you note in your testimony, it was RAND--which I just mentioned--4 years ago, which determined that curbside bombs, including large truck bombs, were the top test to LAX and to other major U.S. airports. Seven airline terminals surround the horseshoe. It literally looks like a horseshoe that one drives around on two levels at LAX. Each terminal is often extremely crowded, with lines extending out the door. It is not hard to imagine what kind of mischief could occur. Yet, 13 years after Oklahoma City and 1 year after Glasgow, we are not ready. So, in thinking about resilience, I want to urge you to make certain that this summer, as promised, LAX and LAWA will install vehicle barriers--probably similar to the large flower pots, these concrete flower pots, that adorn the Capitol--at the most vulnerable points in that horseshoe, both at the upper tier and at the lower tier. I do not know if a vote has just been called. No. So my time is still limited. I only have about a minute and a half, but I wanted to give you a chance, Mr. Southers, or anyone else who would like to opine to add to what I have just said. Finally, let me just get this in while Mr. Lungren is here. As he knows, we coauthored the Safe Ports Act. One of the unique features of that act was a resiliency plan. This committee has been thinking about this well ahead of this year, and it pleases me to hear that many of you are also thinking about it. So I did want to commend you. Mr. Southers. Mr. Southers. Congresswoman, first, I do want to say, thank you for your support. Your voice is always welcomed at the airport. It certainly has been what has initiated some movement on our part. I am happy to say that the first phase of the bollard plan is going to go in this summer. In fact, I have personally walked the upper level myself. Despite some challenges with regard to the level of protection necessary, I can assure you that the rating of those bollards is going to withstand vehicles of the impact of the attacks we have seen around the world. We certainly do still share some of those issues with regard to people's being on the curbside, and we are trying to mitigate that as much as possible. One of the things we are able to do is to work a little bit closer with TSA in getting more screeners in there, particularly at Southwest, at Tom Bradley and at Terminals 6 and 7, to get them inside. While they are outside, we have stepped up our K-9 explosive detection teams out there. So we have got a presence. We also have more of a presence of our officers as well. So we are certainly aware of that. It has been quite some time, as you mentioned. This summer, we look forward to moving forward not only with the terminals, but with LAX fuel and with some of the other gates around the airport that you have mentioned in the past. Those phases will all start this summer. Ms. Harman. Well, I thank you for that answer. My time has expired, but I would just add that there are vulnerable airports all around America. As we think about resiliency, that is a place we have to look. I do commend you for your efforts, and I will be looking for those flower pots in the very near future. Thank you, Mr. Chairman. Chairman Thompson. Thank you very much. I would like to thank the witnesses for their valuable testimony and the members for their very excellent questions. The members of the committee may have additional questions for you, and we will ask that you respond expeditiously in writing to these questions, as a couple of witnesses have already agreed to do. Chairman Thompson. Hearing no further business, the committee stands adjourned. [Whereupon, at 12:05 p.m., the committee was adjourned.] A P P E N D I X ---------- Questions From Honorable Mike Rogers of Alabama for Stewart A. Baker, Assistant Secretary for Policy, Department of Homeland Security immigration and customs enforcement (ice) Question 1. While the number of Border Patrol officers has doubled over the recent past to about 18,000, the number of ICE agents has remained relatively level at about 6,000. Can the Department meet its immigration enforcement responsibilities with so few immigration agents? Given the national emphasis on the importance of enforcement of immigration law, how many ICE agents does the Department need to function effectively? Answer. The Department has requested increases in funding for Immigration and Customs Enforcement that support the administration's Secure Border Initiative (SBI), controlling the border and executing a comprehensive interior enforcement strategy. In the fiscal year 2009 request, the President requested $5.7 billion for ICE. The 2009 request includes resources for 87 Office of Investigations (OI) Special Agents and 44 positions for the Visa Security Program and the Office of Professional Responsibility (OPR), as well as increases for detention beds and State and local law enforcement coordination. In addition, 74 positions along with 1,000 additional beds have been requested for ICE's Office of Detention and Removal Operations (DRO) in order to deal with removal costs required to meet current demand and the demand generated by increased enforcement activities associated with SBI and special authority granted to State and local law enforcement officers under Section 287(g) of the Immigration and Nationality Act. These positions included 20 Deportation Officers, 40 Immigration Enforcement Agents, 8 Deportation Assistants and 6 support positions. The number of authorized positions for DRO has nearly doubled from approximately 4,000 positions in fiscal year 2005 to 7,734 positions in fiscal year 2008. It is also important to note that the Criminal Alien Program (CAP) was transferred from the OI to DRO, and the Office of International Affairs (OIA), which had been a part of OI, is now a stand-alone entity within ICE. Despite the realignment of these resources, OI still maintains approximately 6,000 Special Agents nationwide. As a result of increased funding over the past several fiscal years, ICE has achieved many successes. In fiscal year 2007, for example, ICE's investigative and detention and removal accomplishments include: Enhanced Immigration Enforcement: Initiated 1,093 worksite enforcement investigative cases, which resulted in 863 criminal arrests (compared to 716 in fiscal year 2006) and 4,077 administrative arrests. Increased Compliance Enforcement: ICE implemented a high- intensity compliance enforcement operation to detect, deter, and disrupt terrorist operatives who sought to exploit the non- immigrant process in order to remain illegally in the United States. The operation resulted in 249 completed investigations and 73 arrests. Increased Human Smuggling Investigations: ICE initiated 2,528 human smuggling investigative cases, which resulted in 1,821 criminal arrests, 1,150 indictments, 1,209 convictions, and seized $16,400,283 in related monetary instruments. Apprehended Sexual Predators of Children: ICE achieved a total of 10,434 criminal and administrative arrests through Operation Predator. Increased Commercial Fraud and Intellectual Property Rights Investigations: ICE initiated 1,275 Commercial Fraud and Intellectual Property Rights investigative cases, which resulted in 246 criminal arrests, 178 indictments, and 196 convictions. Targeted Transnational Gangs: ICE arrested a total of 3,302 gang members and associates Nation-wide. Furthered Nation-wide Document-Fraud Prevention Efforts: ICE initiated 1,309 fraud investigations, leading to a record 1,531 arrests and 1,178 convictions. Strengthened Border Enforcement Security Task Forces (BESTs): Task Forces collectively made 516 criminal arrests, 1,037 administrative arrests, seized over 49,552 pounds of marijuana, 1,326 pounds of cocaine, 151 pounds of methamphetamine, 135 pounds of heroin, 237 weapons, 12 explosives, and approximately $2.5 million in U.S. currency. Enforcement Against Visa Violators: ICE investigators worked to ensure compliance with the Nation's immigration laws among student and exchange visitors and other nonimmigrant visitors to the United States. ICE arrested 1,558 high-risk, non- immigrant status violators. Visa Security Program: ICE expanded overseas deployment to nine visa security posts in eight countries and trained more than 40 Special Agents to serve as visa security officers. ICE investigations through this program resulted in the denial of more than 750 visas and the initiation of more than 140 investigations. Set New Record for Alien Removals: ICE removed more than 276,000 illegal aliens, including voluntary removals, from the country--a record for the agency and a 45 percent increase over the number of removals during the prior fiscal year. Removed Criminal Aliens: ICE initiated removal proceedings against 164,296 criminal aliens encountered in U.S. jails and prisons, which exceeds the Criminal Alien Program fiscal year 2006 total by over 140 percent. Leveraged Alternatives to Detention: ICE processed 8,300 non-detained aliens through the Alternatives to Detention program, including 1,989 Intensive Supervision Appearance Program participants and approximately 6,300 Electronic Monitoring Program participants. Increased Fugitive Operations Team Arrests: ICE added an additional 23 Fugitive Operation Teams, for a total of 75, which arrested over 30,000 illegal aliens. ICE processed and eliminated more than 100,000 fugitive alien cases and reduced the backlog of fugitive cases for the first time in history. Increased Removal Process Efficiencies: ICE's Detention Enforcement and Processing Offenders by Remote Technology (DEPORT) Center made it possible to identify and screen criminal aliens incarcerated in Federal prisons to ensure their removal upon the completion of their sentences. ICE also deployed the Electronic Travel Document System to all 24 ICE DRO Field Offices and consulates of Guatemala, Honduras, and El Salvador, decreasing the number of days required to issue travel documents from 14 days to 6 days. Initiated Significant Financial Investigations: ICE initiated 3,069 financial investigations, resulting in 1,394 arrests and 897 convictions. Increased Number of Trade Units: To combat trade-based money laundering, ICE now has Trade Transparency Units (TTUs) in place in Colombia, Paraguay, Argentina, and Brazil. In fiscal year 2007, ICE TTUs initiated 95 trade-based money laundering investigations and generated 36 investigative referrals. Increased Arms and Strategic Technology Investigations: ICE increased its arms and strategic technology investigations, resulting in 186 arrests (compared to 144 in fiscal year 2006), 178 indictments, and 115 convictions. Question 2. In my home State of Alabama, a number of county sheriffs have reported a complete lack of response on ICE's part to dealing with detained illegal aliens. I understand that this is due to inadequate numbers of Detention and Removal Officers, and insufficient bed space. How does the Department plan to deal with this growing inability to handle the increasing number of immigrant detainees? Answer. In the past 3 fiscal years, the administration has substantially increased ICE resources. As I outlined in detail in my response above, the President requested $5.7 billion for ICE in his fiscal year 2009 budget, which represents an increase of approximately 12 percent over fiscal year 2008, excluding emergency funding provided by Congress. Program increases total over $160 million and target the priority areas of this administration to allow ICE to be a highly valuable contributor to the Secure Border Initiative (SBI), enforce customs laws critical to the Nation's security, and ensure we are protecting the American public. ICE has made tremendous progress in immigration enforcement through greater innovation with its resources combined with more effective oversight. In Alabama, there are a total of 89 recognized facilities. All Federal and State facilities, as well as seven county facilities have 100 percent screening by ICE. The remaining 74 county and city facilities receive limited coverage. In fiscal year 2008, Congress provided funding for an additional Criminal Alien Program (CAP) team for Montgomery, Alabama. This CAP team is in the process of being hired and deployed to Montgomery, Alabama. Since September 10, 2003, ICE has had a Memorandum of Agreement (MOA) with the Alabama Department of Public Safety. In addition, three other Alabama law enforcement agencies (the Prattville Police Department, the Etowah County Sheriff's Office, and the Huntsville Police Department) have all applied for 287(g) Delegation of Authority. These applications are currently pending. To continue to improve our responsiveness to States and localities, ICE has developed Secure Communities, A Comprehensive Plan to Identify and Remove Criminal Aliens. In order to ensure no criminal alien is released into the community due to lack of detention space, ICE must expand its number of available beds to cover increased detention needs generated by the plan. The fiscal year 2008 Appropriation provided ICE with $200 million to develop this plan, and approved an increase of 4,500 detention beds for an annual average daily population of 32,000. ICE uses a detention space management model to help determine where detention space should be added. As the plan is implemented, ICE will review bed detention needs. Secure Communities consists of the following strategic goals: Strategic Goal 1.--Identify and process all criminal aliens amenable for removal while in Federal, State, and local custody; Strategic Goal 2.--Enhance current detention strategies to ensure no removable criminal alien is released into the community due to a lack of detention space or an appropriate alternative to detention; Strategic Goal 3.--Implement removal initiatives that shorten the time criminal aliens remain in ICE custody prior to removal, thereby maximizing the use of detention resources and reducing cost; and Strategic Goal 4.--Maximize cost effectiveness and long-term success through deterrence and reduced recidivism of criminal aliens returning to the United States. Question 3a. One of my concerns is the nature of the training that ICE agents receive in customs and immigration. In my State of Alabama, many agents work customs at the ports, but very few are available for immigration matters. If we split the training to have some agents focus on customs and others specialize in immigration, it would seem there would be more officers to handle immigration enforcement. Do all incoming agents receive the same training, or do they specialize in one area or the other? Answer. While U.S. Customs and Border Protection (CBP) works to secure the Nation's borders at and between the official ports of entry, ICE Special Agents are responsible for investigating a range of issues that may threaten national security within the interior of the United States. Both agencies work closely to secure our homeland. Additionally, by bringing together customs and immigration enforcement, DHS can fight crime and terrorist activity in ways not possible before the founding of DHS. Investigators on immigration cases can track the money trails that support smuggling and document fraud operations. Financial investigators can use immigration violations to build cases against criminals. ICE brings all of its powerful authorities to bear on all cases, requiring agents to be sufficiently trained on all of those authorities. Accordingly, all ICE Special Agents receive instruction in both customs and immigration law, and are trained to enforce both. Question 3b. What about agents who were working prior to the merger that created ICE in March 2003? Answer. Special Agents hired prior to the merger were cross-trained in one of two approved programs. The program for Customs Agents provided immigration law/enforcement practices and program for Immigration Agents provided customs law/enforcement practices. Every Agent in the agency was required to take and successfully be tested in the requisite cross-training program.