A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols
8 Pages Posted: 25 Jan 2015
Date Written: May 8, 2014
According to computer scientists at Columbia University, “A vulnerability inside all current Cisco IP phones allows hackers to take complete control of the devices… It’s relatively easy to penetrate any corporate phone system, any government phone system…” reported IEEE Spectrum article. Multiple news sources and blog ‘Cisco Phone Hack’ of computer security expert Bruce Schneier noted: “All current Cisco IP phones, including the ones seen on desks in the White House and aboard Air Force One, have a vulnerability that allows hackers to take complete control of the devices.”
Voice over Internet Protocol based networks have been gaining central prominence in global banking and finance industry over the past decade. In recent years, they have been considered a primary avenue for costs optimization and revenue maximization by global banks thus fuelling exponential growth based upon worldwide adoption. Despite central role both technologically and economically, sparse attention has been given to critical vulnerabilities described as the ‘weakest link’ in global banking and finance networks and the ‘soft targets’ in the underbelly of global banking and finance. This article’s focus is on addressing these critical gaps in global banking and finance practices and key industry frameworks underlying prudent risk management and information assurance practices for global banking and finance.
Keywords: Cybersecurity, Information Assurance, Banking and Finance, VoIP Networks, Penetration Testing, Ethical Hacking
JEL Classification: D8, D80, D81, C6, C60, C69, C9, C93, K00. L5, L50, L8, L86, L9, L96, L86, H56
Suggested Citation: Suggested Citation