By Johna Till Johnson, Network World, 08/08/05

VoIP security is beginning to get a lot of attention. But is its visibility warranted? In June, Gartner called VoIP security concerns "over-hyped" and urged IT executives not to hold off on VoIP deployment because of such concerns.

Yet at the Black Hat conference in Las Vegas late last month, noted researcher and security guru Phil Zimmerman - inventor of the encryption protocol Pretty Good Privacy (PGP) - introduced an architecture to deliver encryption to VoIP phones, positioning it as part of an overall requirement to secure critical infrastructure.

Who's right? Are VoIP security vulnerabilities overblown, or do IT executives need to be concerned?