ABOUT SWIFT
Through SWIFT, millions of financial messages across the globe can be communicated in a reliable manner every day.
To protect the customers’ environment including the access to SWIFT, SWIFT has introduced the Customer Security Programme (CSP). Under CSP, a set of security controls are designed to assists the customers in securing their local environment as well as the connection with others.
Reference from https://www.swift.com/myswift/customer-security-programme-csp/security-controls
SWIFT Customer Security Controls Framework
The SWIFT Customer Security Controls Framework is created as a guideline for the customer to meet the required security baseline in creating a secure financial communication environment. With the reference from the framework, certain physical and logical security controls are mandatory to be implemented.
There are 3 objectives, 8 principles and 27 controls stated inside SWIFT Customer Security Controls Framework v2019 for the customers to comply with the security standard.
Subsequently, several enterprise level risks such as financial risk, legal risk, regulatory risk and reputational risk were represented by these consequences. Pentest experts finds the opportunity to lend a helping hand in governing and strengthening the framework to ensure a foolproof SWIFT environment and to close the gaps of a potential security breach.
By following the framework, some undesired business consequences can be avoided:
Unauthorized sending of modification of financial transactions
Integrity breach (of business data, computer systems, or operator details)
Processing of altered or unauthorized SWIFT inbound transactions
Confidentiality breach (of business data, computer systems, or operator details)
Business conducted with an unauthorized counterparty
Security Assessments Offered
Pentest experts covers both logical and technical components in the SWIFT environment to fulfill the entirety and requirements that governs the Customer Security Programme.
