Cisco Folds Security Research Group

An internal security research group within Cisco was quietly shuttered over the past few days as part of a restructuring effort.

The group is part of Cisco's Critical Infrastructure Assurance Group (CIAG), which is focused on improving the security of global critical infrastructure with research, training, education, best practices, and standards development. Cisco has not publicly announced the move.

"CIAG as a whole still exists and remains an integral part of the company," a Cisco spokesperson said today. "Cisco continually reviews its operations as a normal course of business to achieve the greatest focus on growth opportunities, customer satisfaction, and productivity gains. As this occurs, we evaluate resources to ensure that they are aligned with the highest priority work that addresses our customers’ needs."

Research projects within the CIAG were on hold as if this posting, according to sources close to Cisco. And it was unclear what ultimately would happen to some of these efforts, which include SCADA security research, a honeynet for SCADA systems, Internet DNS scanning, study of "collateral damage" on network devices from malware attacks, a VOIP threat study, and the Common Vulnerability Scoring System (CVSS).

The CIAG research group had developed some key security tools, such as SMART -- a network flow visualization tool for SCADA systems -- and some BGP and TCP hacking tools to test for network security vulnerabilities, according to its Website.

Speculation was swirling today as to whether Cisco would reassign the displaced CIAG researchers elsewhere in the company. Either way, it doesn't appear that the group will remain intact: Dale Peterson, founder and director of the SCADA Security Practice at Digital Bond, said in a recent blog posting that some of the CIAG researchers are now looking for SCADA security work.

"This is not a huge surprise, because Cisco never cared or did much with the results from this group, likely because the control system market is too small for Cisco," he wrote about the CIAG restructuring.

Cisco would not disclose the number of employees affected by the restructuring, but said they would be given the opportunity "to pursue other available opportunities within or outside of Cisco, and are being provided career resources with which to do so," the Cisco spokesperson said.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.