Mission:
CIAG Incident Response Support improves cyber security incident response across Cisco and externally by composing policies and best practices, providing or developing services, and facilitating information exchange between Cisco response teams and external organizations.
The Information Sharing and Analysis Centers (ISACs) are part of the private sector's responses to the call for action made in May 1998 in the Federal Government's policy on critical infrastructure protection.
CIAG Incident Response Support Program
The CIAG Incident Response Support team performs the role of an information intermediary for the Information Sharing and Analysis Centers (ISACs) and other external organizations. These ISACs distribute information to members about security threats, vulnerabilities, incidents, countermeasures, and best practices. The CIAG supplements the current relationship between the ISACs and Cisco response groups such as the Product Security Incident Response Team (PSIRT)
by collecting, filtering, and disseminating the information delivered by the ISACs to its members.
However, the CIAG is not an incident response organization. To report security problems please visit the Cisco Product Security Incident Response page. For information about recent PSIRT advisories, see its advisory page.
CIAG Incident Response Support also:
- Investigates and establishes various programs that support CyberSecurity Incident Response Teams (CSIRTs) with emphasis on internal Cisco teams. Leveraging our membership in the ISACs, CIAG Incident Response Support provides access to their situational awareness programs and enrolls appropriate Cisco employees in ISAC-provided emergency or alternative communications systems.
- Participates in exercises designed to simulate attacks or disasters that affect cyber systems, making participation by internal Cisco teams possible and also representing Cisco in such exercises where appropriate and relevant.
- Contributes to the development and improvement of supporting policies and procedures both internally and externally. Team members participate routinely in the activities of the Forum of Incident Response and Security Teams (FIRST), ISAC, NIAC, and NSTAC working groups, and various related venues, such as general cybersecurity associations, that are interconnected to incident response.
- Improves the internal reaction to major events, such as Hurricane Katrina, by establishing and operating the NetworkRestoration (NetRest) project. The system provides a single focal point and communications channel for all internal parties involved in an incident response, avoiding duplication of effort, correctly provisioning our products, and ensuring that all requests for help are properly considered.
The CIAG Incident Response Support program is not an incident response team. To report security problems, please visit the Cisco Product Security Incident Response page. See information about CIAG's policy work with the U.S. Government and the White House. Additionally, here is a valuable one-stop shop to report and view Cisco Security Advisories and Notices.
