A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols

8 Pages Posted: 25 Jan 2015

See all articles by Yogesh Malhotra

Yogesh Malhotra

Amazon Web Services Partner; Global Risk Management Network, LLC

Date Written: May 8, 2014

Abstract

According to computer scientists at Columbia University, “A vulnerability inside all current Cisco IP phones allows hackers to take complete control of the devices… It’s relatively easy to penetrate any corporate phone system, any government phone system…” reported IEEE Spectrum article. Multiple news sources and blog ‘Cisco Phone Hack’ of computer security expert Bruce Schneier noted: “All current Cisco IP phones, including the ones seen on desks in the White House and aboard Air Force One, have a vulnerability that allows hackers to take complete control of the devices.”

Voice over Internet Protocol based networks have been gaining central prominence in global banking and finance industry over the past decade. In recent years, they have been considered a primary avenue for costs optimization and revenue maximization by global banks thus fuelling exponential growth based upon worldwide adoption. Despite central role both technologically and economically, sparse attention has been given to critical vulnerabilities described as the ‘weakest link’ in global banking and finance networks and the ‘soft targets’ in the underbelly of global banking and finance. This article’s focus is on addressing these critical gaps in global banking and finance practices and key industry frameworks underlying prudent risk management and information assurance practices for global banking and finance.

Keywords: Cybersecurity, Information Assurance, Banking and Finance, VoIP Networks, Penetration Testing, Ethical Hacking

JEL Classification: D8, D80, D81, C6, C60, C69, C9, C93, K00. L5, L50, L8, L86, L9, L96, L86, H56

Suggested Citation

Malhotra, Yogesh, A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols (May 8, 2014). Available at SSRN: https://ssrn.com/abstract=2555098 or http://dx.doi.org/10.2139/ssrn.2555098

Yogesh Malhotra (Contact Author)

Amazon Web Services Partner ( email )

United States

HOME PAGE: http://YogeshMalhotra.com/

Global Risk Management Network, LLC ( email )

New Hartford, NY 13413
United States
+1-(646) 801-3644 (Phone)

HOME PAGE: http://YogeshMalhotra.com/bio.html

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
370
Abstract Views
7,452
Rank
140,122
PlumX Metrics