We were forward-thinking and innovative. We thought we understood the scope of the changes the years would bring. We knew security would remain our foundation, in both the physical and the virtual world.
We could not have anticipated that a decade later, September would remind us of the losses we suffered on a day when our industry became a target of a physical attack the likes of which our nation had never seen.
We remember alarm. We remember disbelief. We remember television screens and photographs. We remember phone calls that told us our friends and family were safe - or that they were not.
Security is woven into the fabric of our industry. It is in the brick and mortar we use to erect our buildings. It is in the circuits and fiber we use to create our technologies. It is in our handshakes when we sign on to new business ventures. Security of customer information and transactions, security of our employees, and security of our physical infrastructures are nothing less than everything to us.
On Sept. 11 our industry fared well. Our infrastructure held. We proved our financial institutions were worthy of the trust of our customers, the nation, and the world. We proved we understood that word, security.
Until that day, though, we had not come face to face with the depth and breadth of security. The meaning of the word changed on that day forever.
That is when we became acquainted with what I call the new security.
One critical aspect of the new security that came into sharp relief on Sept. 11 is our sector's dependence on other critical infrastructures. We certainly can be proud of our strength, but it means little if the other infrastructures on which we rely, particularly telecommunications and energy, are vulnerable.
After Sept. 11, BITS worked to identify and mitigate vulnerabilities in these other sectors, as well as our own, and to enhance the recoverability of financial services in the event of a crisis.
What we've seen since then is nothing short of unprecedented cooperation. We've worked with CEOs of some of the nation's most powerful companies to mitigate unacceptable risks. We've talked frankly about our own strengths and weaknesses, and how together we can best assure diversity, recoverability, redundancy, and resiliency. We've agreed on best practices - practices that reflect today's heightened risks.
Cooperation is the new security.
What else have we learned? We've seen that when physical disaster occurs, it tends to be contained in one geographic area. The new security means financial services firms located in close geographic proximity should work together on business continuity.
In 2003, BITS contributed its crisis management expertise to a regional coalition, ChicagoFIRST, and documented the process. A handbook - "Improving Business Continuity in the Financial Services Sector: a Model for Starting Regional Coalitions" - was funded by the Department of the Treasury and co-authored by BITS, Boston Consulting Group, and ChicagoFIRST. That handbook is helping other regional coalitions create practical plans for working together during a crisis.
Partnerships are the new security.
The attacks also made us think differently about the reliability, recoverability, resilience, and continuity of information systems. In the weeks and months afterward we began to talk about "a digital 9/11." The unseen networks of information that are our cyberinfrastructure became both a terrifying target and a priority of awesome proportions.
