Thanks for the mention. The "first" is that the SANS Institute has been publishing this "Top 20 Internet Security Attack Targets" list for several years, but this is the first time that VoIP has been on the list. In previous years, it was more about the underlying network, the operating systems, etc. But now it is their opinion that VoIP is a significant enough presence on the Internet that it *will* be attacked… and therefore it is worthwhile to call attention to that fact so that security professionals can ensure they are protecting it.

Regards,
Dan

P.S. The list was previously called the "Top 20 Critical Internet Security Vulnerabilities", but I guess that name didn't sound as aggressive as "Attack Targets".

P.P.S. Love your blog, BTW!