Two years ago, at the Cisco Live! Conference in Melbourne, as a result of the Snowden Revelations, Cisco revealed that it was going to the extraordinary lengths of shipping its routers to vacant addresses in order to stop government security agents installing backdoor access to the networks they’d be used on – which in Cisco’s case, means everything from corporate and government networks to the backbone of the internet.
With the recent revelations that American security services (most notably, the CIA) have been hacking all manner of devices from microphones in Samsung TVs to consumer mobile phones in order to spy on people and that those vendors were extremely concerned and patching the security holes as a matter of priority, PC World returned to the Cisco Live conference and asked Keynote speaker, Chris Dedicoat, EVP of Worldwide Sales, on how Cisco was responding to the latest revelations:
PC World: What can Cisco tell, not just its partners but the public about how it can be trusted? And what’s it doing to keep an eye on what the CIA and the government are doing?
Chris Dedicoat: We provide our technology to all of the major testing agencies around the globe and they’re able to in-depth analyse our technology. So our role is to provide the best technology to provide the best security that we can with the minds and the capabilities that we have. That’s the role of our company and our role is to provide that to companies around the globe. Our role is not to participate and comment on the question that you had…
PCW: You’ve spoken the whole time [at the Cisco Live conference] about the importance of network security and we’ve just learned that Samsung TVs have been compromised, Android phones, Apple iPhones and all manner of things. It stands to reason that Cisco routers are on their radar again. You can’t just dismiss it and say it’s not our job.
CD: I can because our role is to provide the technology that people build the security capability on. We stress that every company, regardless of what you do, needs to embrace a security strategy – that’s exactly what we are trying to say. Our role, however, is to try and develop the technology to do that and that’s what we are doing every single day. And we share that information across industry and with our customers to try and help [them] try and understand the changing threat landscape and the increasing number of threat actors and their sophistication. That is the role that we play.
PCW: Are you concerned about the WikiLeaks revelations?
CD: Of course we’re all concerned. Our role is to do everything we can through technology to improve the security capability of our customers and our partners and all we can do is to stress and to show what is occurring around the globe and try and provide the best guidance that we can from the amount of data that we collect and understand more about the threat landscape. That’s our role and every company… needs to embrace their own security strategy and they need to take advantage of the technologies that are available globally and implement [them] because it’s critical to their business that they do so… That is our role.
Whether these answers will convince people that Cisco really is doing everything to protect its networks this time round remains to be seen. The company does not appear to be investigating whether, as before, its customers are getting the same equipment that left Cisco's factory. As for whether it really is Cisco’s role to guard against infiltration of the networks it provides and not just provide advice and an knowingly-imperfect level of security on the matter is less clear cut.