A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols

8 Pages Posted: 25 Jan 2015

See all articles by Yogesh Malhotra

Yogesh Malhotra

Global Risk Management Network, LLC

Date Written: May 8, 2014

Abstract

According to computer scientists at Columbia University, “A vulnerability inside all current Cisco IP phones allows hackers to take complete control of the devices… It’s relatively easy to penetrate any corporate phone system, any government phone system…” reported IEEE Spectrum article. Multiple news sources and blog ‘Cisco Phone Hack’ of computer security expert Bruce Schneier noted: “All current Cisco IP phones, including the ones seen on desks in the White House and aboard Air Force One, have a vulnerability that allows hackers to take complete control of the devices.”

Voice over Internet Protocol based networks have been gaining central prominence in global banking and finance industry over the past decade. In recent years, they have been considered a primary avenue for costs optimization and revenue maximization by global banks thus fuelling exponential growth based upon worldwide adoption. Despite central role both technologically and economically, sparse attention has been given to critical vulnerabilities described as the ‘weakest link’ in global banking and finance networks and the ‘soft targets’ in the underbelly of global banking and finance. This article’s focus is on addressing these critical gaps in global banking and finance practices and key industry frameworks underlying prudent risk management and information assurance practices for global banking and finance.

Keywords: Cybersecurity, Information Assurance, Banking and Finance, VoIP Networks, Penetration Testing, Ethical Hacking

JEL Classification: D8, D80, D81, C6, C60, C69, C9, C93, K00. L5, L50, L8, L86, L9, L96, L86, H56

Suggested Citation

Malhotra, Yogesh, A Risk Management Framework for Penetration Testing of Global Banking & Finance Networks VoIP Protocols (May 8, 2014). Available at SSRN: https://ssrn.com/abstract=2555098 or http://dx.doi.org/10.2139/ssrn.2555098

Yogesh Malhotra (Contact Author)

Global Risk Management Network, LLC ( email )

Cornell Business and Technology Park
Ithaca, NY 14852-4892
United States

Register to save articles to
your library

Register

Paper statistics

Downloads
270
rank
108,816
Abstract Views
5,573
PlumX Metrics