LSEC - Leaders in Security

Hello, who’s this ?

- using my number
- calling on my behalf
- listening to my telephone conversations
- occupying the line
- ...

During this seminar, we will examine the threats seemingly being posed by VoIP that might have been affecting residential users, businesses or operators already.
Is there today only a false sense of comfort that the lines are managed by the operator and totally secure, as they might have been in the traditional ages?  Even with large IMS vendors, and investigating the level of ability to do assessments, analyze, remediate and service risks associated with large scale SIP-environments; indications were that the situation could be bad. Fortunately, the VoIP market in Belgium and Luxemburg is not yet of such a scale that those concerns are of major importance, or are they?
Over the last 5 years, the growth in IP-telephony has been massive. From the early soft phone days more than 10 years ago, the world has transformed into a voice over ip place, where we are almost unable to understand when and where we are talking over the internet or over a traditional telephone line. Especially in business environments, most transformations of PBX-es have already taken place. Whilst some of them are using a traditional VoIP encoding and transmission mechanism, some have already evolved into a SIP environment, some others even towards an IPv6 environment.

This seminar is intended to Security Professionals and Security Management, Network & Infrastructure Management, IT & Business Control & Audit, ICT Management, Telecom Purchasing and management, Communication Experts, ...  The sessions will be a combination of management level and technical expertise. It is not a requirement to be a Communications, VoIP or Security expert in order to attend.
As IP telephony continues to gain momentum, targeted attacks—and possibly broad-based attacks—will surface and gain greater visibility, highlighting vulnerabilities and the overall lack of focus on IP telephony security,” according to Gartner. “The limited number of high-profile attacks against IP telephony has lulled most chief information security officers and voice/data managers into a false sense of security, with the result that most do not have adequate protection for their converged networks.”
If your organization has VoIP communication channels or intends to facilitate voice communications over data networks, and you would like to understand and mitigate potential risks, this afternoon seminar will guild you to the most important topics. For the first time during a seminar in Belgium a focus on the variety of risks of VoIP and the potential security impact will presented in one half day, next to the opportunity of VoIP.
The purpose of this seminar is to make people and organizations aware of potential security threats, but also to open the discussion amongst the various players (vendors, users, government, ...) on how to improve the situation and to improve risk mitigation on all levels.

In this converged world seemingly the threats being posed by VoIP have not (yet) been affecting residential users, businesses or operators.
Or is that only a false sense of comfort?
Even with large IMS vendors, and investigating the level of ability to assess, analyze, remediate and service risks associated with large scale SIP-environments indications were that the situation could be bad. Fortunately, the VoIP market in Belgium is not yet of such a scale that those concerns are of major importance, or is it ?

Preliminary Program Schedule

12.30h Registrations & Sandwich Lunch

13.30h Welcome & Introduction by LSEC, Ulrich Seldeslachts

13.40h Security challenges in VOIP : A wake-upcall
by Stefaan Hinderyckx, Security Director Europe, DimensionData

14.30h Keynote :  challenges of traditional information security systems and solutions for VoIP in business
by Peter Cox, CEOUMLabs

Covering some of the following topics

- Categorising VoIP Security Threats
- Potential threat impact
- Threat detection and control
- Security audit

15.20h Coffee Break & Refreshments, Networking

15.50h VoIP Security Threats incidents and real life cases in Belgium
by Filip Maertens (Ysecorp) & Carlos Lowie (Belgacom)

16.40h Securing VoIP and the UC : the issues ... the solutions
by François Lagrange, Siemens Enterprise Communications

17.20h Mitigating Security Threats from a practical perspective
By Eric Vyncke, Cisco Systems

- network infrastructures can be improved to secure VoIP (as well as data)
- preventing network DoS, MITM attacks like ARP spoofing, ...
- securing VoIP signalling with X.509 cert & TLS/SSL
- securing media stream with SRTP (and why IPsec is not really suitable)
- improving existing network security (like firewalls blinded by encryption)


18.00h Discussion Panel, Conclusions and next steps

18.30h Drinks, Snacks and Networking

20.00h Close of Event


Practical Details
Monday September 7th, Leuven – K.U. Leuven, Kasteelpark 10 - ESAT Building, Auditorium A
This event can be freely attended, upon registration prior to September 5th by confirming on the button on top or below this page.
If you have never used this submission before, you will first be asked to enter your profile as a new member. Please than redirect yourself to this page to subscribe to the event.
If you already have registered, please fill in your user name and password on the homepage website member fill in box with your username and password and return to this page.

You can also send an email to voipsecurity2009 at lsec.be; with a request for registration.

Registrations after September 5th will be charged 150 € (excl VAT).
Register now in order to ensure your seat at the event. The number of participants are strictly limited, so registering in advance is advised.
Please note that in case of cancellation, they should also be sent prior to September 5th, and confirmed in order to avoid a cancellation fee of 150 € (excl VAT).

Looking forward seeing you Monday September 7th, or at one of our later events.