SWIFT CUSTOMER SECURITY CONTROLS FRAMEWORK
Tightening the Security of the Financial Ecosystem
Cyber attacks connected to the Society of Worldwide Interbank Financial Telecommunication (SWIFT) continue to emerge. As a high-value target for attackers, the SWIFT network provides a community of financial institutions worldwide – over 11,000 customers scattered across 200+ countries – the ability to exchange sensitive information relating to international financial transactions. To establish a consistent secure framework and baseline of accountability for customers of SWIFT, mandatory and advisory security controls must be implemented across this community. Organizations will be required to self-attest on an annual basis to prove compliance with the SWIFT Customer Security Controls Framework.
Attackers have found ways to capture legitimate SWIFT operator credentials, coupled with already existing sophisticated hacking techniques, to steal funds in the hundreds of millions from banks around the world. Protecting these credentials from digital criminals who can authenticate transfer messages and send fraudulent payment instructions to banks is paramount. CyberArk solutions provide the security controls necessary to help support the self-attestation requirements in securing the organizations environment, knowing “who” and “what” has access to critical systems and applications, and detecting and responding to high-risk activity in operator sessions.
- Implement Privileged Access protection to the SWIFT environment, enforcing Least Privilege principles and the creation of a secure zone for SWIFT related assets.
- Enforce Privileged Account Control (Passwords and SSH Keys) for all Operating Systems used within the SWIFT Secure Zone, with full user accountability and privileged elevation processes
- Secure the SWIFT infrastructure by implementing an isolation layer between these critical assets and the rest of the IT estate – whilst enabling comprehensive logging and monitoring of privileged users.
- Collect, detect, alert and respond to high-risk, anomalous activity within local SWIFT environments with a fully detailed and searchable audit trail of privileged activity