I covered most of this weeks news and notes in the ISA reporting, but here are a few more tidbits.

• If you haven’t heard from Cisco’s Critical Infrastructure Assurance Group (CIAG) it is because this group has been disbanded in a corporate restructuring. CIAG is the group that Matt Franz, Darrin Miller, Andrew Wright and others worked in and provided research and assistance with AGA12, Modbus Firewall,  SMART, SAFE, CVSS, etc. Some of these researchers are looking for SCADA security work. This is not a huge surprise because Cisco never cared or did much with the results from this group, likely because the control system market is too small for Cisco.
• ISA’s Security Compliance Institute (SCI) had a goal of 15 founding members by September 1. The recent press release listed only 6 founding members, so they obviously did not meet their goal. but they have extended the time frame for founding members. Andre Ristaino, who is heading up the effort, said there are more likely founding members who are working through the internal approval process or have not allowed SCI to release their name yet. Andre also mentioned that ISA has no plans to fund SCI if industry funding is insufficient because that would indicate a lack of interest.
• Bruce Schneier weighs in on the DHS video. This is newsworthy not for his opinion on the issue, he knows little about control systems, but for the fact that his blog is very widely read in the broader security community.