CSIA Provides VoIP Security Recommendations to Assist Congress in Revising the Telecommunications Act of 1996
May 10 2005 - 10:01AM
PR Newswire (US)
CSIA Provides VoIP Security Recommendations to Assist Congress in
Revising the Telecommunications Act of 1996 Announces June Workshop
on VoIP Technology, Research, Regulatory and Public Policy Issues
WASHINGTON, May 10 /PRNewswire/ -- Cyber Security Industry Alliance
(CSIA), the only public policy and advocacy group dedicated
exclusively to cyber security, today released a report that
recommends Congress consider cyber security issues facing Voice
over Internet Protocol (VoIP) as it looks to revise the
Telecommunications Act of 1996. The report explains why
increasingly broad adoption of IP-enabled technologies, such as
VoIP, calls for heightened focus on protecting the security,
integrity and reliability of the Internet. CSIA also announced that
it is co-hosting a VoIP security workshop with several leading
universities on June 1-2, 2005 in Washington, D.C. to further
explore the technology and policy issues surrounding VoIP security.
The Report finds that the same qualities that make VoIP such a
valuable new option for mass-market voice communications also can
lead to quality of service and performance issues including denial
of service attacks, Spam over IP Telephony (SPIT), session
eavesdropping and voicemail hijacking. The report concludes that
adding an extra layer of security infrastructure can help resolve
some of these issues, but not all of them. Since voice
communication is a key enabler of critical government services
operated by national security and emergency preparedness providers,
a VoIP cyber attack could lead to serious consequences, such as
loss of public access to critical emergency services like 911.
"While the promise of IP telephony is economical for many
organizations, cyber security issues cannot be ignored," said Paul
Kurtz, executive director of CSIA. "Because IP telephony depends
solely on the Internet for operating, it is subject to all the same
vulnerabilities that our corporate networks face. As Congress
considers revisiting the Telecommunications Act of 1996, CSIA
strongly recommends that the serious implications of VoIP cyber
attacks be addressed since they can affect critical government
services such as 911 and other emergency first responder services."
As consumers, businesses and government make much more intensive
use of the IP platform through voice applications, it is essential
to address the resulting impact on national security, emergency
preparedness and Internet fraud/criminal activity. This report
demonstrates the potential for VoIP to provide another channel for
exploiting vulnerabilities in both our critical infrastructure and
the IT-based economy. VoIP vulnerabilities also have the potential
to act as entry points for attacks on the rest of the network,
including non-VoIP applications, systems and infrastructures. Some
potential fallout examples include: * Crippling impacts on the
operations of IT dependent critical infrastructures, including the
potential knock out of banking, finance, chemical, electric power
generation and distribution, oil and gas production and storage,
emergency services, public health services, transportation systems,
water supplies and more; * Disablement of IT supporting critical
infrastructures in these industries; * Potential for weakening the
national response capability as part of a blended cyber and
physical attack; * Loss of revenue for operation stoppages in call
centers, order processing and shipping; * Theft, erasure, or
alteration of business and personal information; and * Violations
of privacy and confidentiality regulations, possibly resulting in
civil and/or criminal penalties. CSIA concludes that cyber security
for VoIP is essential for the protection of the entire information
technology ecosphere and asks that Congress consider several
recommendations for securing VoIP technologies, including
supporting research & development aimed at improving the
security and reliability of VoIP as well as defining roles and
responsibilities for agencies such as the Department of Homeland
Security, the Federal Communications Commission and the Department
of Defense. On June 1 and 2, CSIA, the University of North Texas,
University of Tulsa and George Mason University are calling
together leading scientists, technologists, policy makers and
domain experts to address VoIP technology, research, regulatory and
public policy issues at its workshop on "Securing Voice Over IP" in
Washington, D.C. Details on the "Securing Voice Over IP" workshop
and a copy of CSIA's VoIP report can be found at
http://www.csialliance.org/. About the Cyber Security Industry
Alliance CSIA is the only advocacy group dedicated exclusively to
enhancing global cyber security through public policy, education,
awareness and technology. The organization is led by CEOs from the
world's top security providers, who offer the technical expertise,
depth and focus to encourage a better understanding of cyber
security issues. It is the belief of the CSIA that a comprehensive
approach to ensuring the security, integrity and availability of
global information systems is fundamental to national and economic
stability. To learn more about the CSIA, please visit our Web site
at http://www.csialliance.org/ or call +1-703-894-2742. Members of
the CSIA include BindView Corp. (NASDAQ:BVEW); Check Point Software
Technologies Ltd. (NASDAQ:CHKP); Citadel Security Software Inc.
(NASDAQ:CDSS); Citrix Systems, Inc. (NASDAQ:CTXS); Computer
Associates International, Inc. (NYSE:CA); Entrust, Inc.
(NASDAQ:ENTU); Internet Security Systems Inc. (NASDAQ:ISSX); iPass
Inc. (NASDAQ:IPAS); Juniper Networks, Inc. (NASDAQ:JNPR); McAfee,
Inc. (NYSE:MFE); PGP Corporation; Qualys, Inc.; RSA Security Inc.
(NASDAQ:RSAS); Secure Computing Corporation (NASDAQ:SCUR), Symantec
Corporation (NASDAQ:SYMC) and TechGuard Security, LLC. DATASOURCE:
Cyber Security Industry Alliance CONTACT: Stacy Simpson of Merritt
Group, +1-703-390-1528, or , for the Cyber Security Industry
Alliance Web site: http://www.csialliance.org/
Copyright
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From May 2024 to Jun 2024
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Jun 2023 to Jun 2024