By Kelly Jackson Higgins
October 9, 2007
An internal security research group within Cisco was quietly shuttered
over the past few days as part of a restructuring effort.
The group is part of Cisco's Critical Infrastructure Assurance Group
(CIAG), which is focused on improving the security of global critical
infrastructure with research, training, education, best practices, and
standards development. Cisco has not publicly announced the move.
"CIAG as a whole still exists and remains an integral part of the
company," a Cisco spokesman said today. "Cisco continually reviews its
operations as a normal course of business to achieve the greatest focus
on growth opportunities, customer satisfaction, and productivity gains.
As this occurs, we evaluate resources to ensure that they are aligned
with the highest priority work that addresses our customers needs."
Research projectswithin the CIAG were on hold as if this posting,
according to sources close to Cisco. And it was unclear what ultimately
would happen to some of these efforts, which include SCADA security
research, a honeynet for SCADA systems, Internet DNS scanning, study of
"collateral damage" on network devices from malware attacks, a VOIP
threat study, and the Common Vulnerability Scoring System (CVSS).
The CIAG research group had developed some key security tools, such as
SMART -- a network flow visualization tool for SCADA systems -- and some
BGP and TCP hacking tools to test for network security vulnerabilities,
according to its Website.
Speculation was swirling today as to whether Cisco would reassign the
displaced CIAG researchers elsewhere in the company. Either way, it
doesn't appear that the group will remain intact: Dale Peterson, founder
and director of the SCADA Security Practice at Digital Bond, said in a
recent blog posting that some of the CIAG researchers are now looking
for SCADA security work.
"This is not a huge surprise, because Cisco never cared or did much with
the results from this group, likely because the control system market is
too small for Cisco," he wrote about the CIAG restructuring.
The number of employees affected by the restructuring was not available
from Cisco at the time of this posting.
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques. Register now for savings on conference fees
and/or free exhibits admission. - www.csiannual.com