TippingPoint announced today that it has established the VoIP Security Alliance (VOIPSA) in conjunction with a group of VoIP vendors, providers, security researchers, and thought leaders. The goal of the alliance is to discover and reduce VoIP security risks. Some of the charter members include 3Com , Alcatel , Avaya, Codenomicon, Columbia University, Enterasys, Ernst and Young’s Guiliani Advanced Security Center, Insightix , NetCentrex, Qualys, Sourcefire, Southern Methodist University, SecureLogix, Spirent, Symantec , the SANS Institute and Tenable Network Security.
A complete list of members can be accessed at the VOIPSA Web site.
According to the release publicizing the alliance, “The growing convergence of voice and data networks only serves to exacerbate and magnify the security risks of today’s traditional prevalent cyber attacks. Successful attacks against a combined voice and data network can cripple an enterprise, halt communications required for productivity, and result in irate customers and lost revenue. As VoIP increases in popularity, so does the potential for harm from a cyber attack. As VoIP deployments become more widespread, the technology becomes a more attractive target for hackers, The emergence of VoIP application-level attacks will likely occur as attackers become more familiar with the technology through exposure and easy access.”
VOIPSA aims to help organizations understand and avoid VoIP security risks through discussion lists, whitepapers, sponsorship of VoIP security research projects, and the development of tools and methodologies for public use. VOIPSA is the first and only group solely and holistically dedicated to VoIP security backed by a wide spectrum of organizations represented by universities, security researchers, VoIP vendors, and VoIP providers.
TippingPoint is providing an administrative service in forming VOIPSA, recruiting members and facilitating VOIPSA meetings.