In response to a series of cyberattacks, SWIFT (The Society for Worldwide Interbank Financial Telecommunication) established a standard set of security controls designed to help financial institutes secure their local environments and to foster awareness and good practices for the entire SWIFT community.
Today, the SWIFT community includes 11,000 financial institutions across over 200 countries that must comply with CSCF (Customer Security Controls Framework) by the end of 2021.
The SWIFT CSCF covers 22 mandatory and 9 advisory controls organized around three main objectives:
- Secure your environment
- Know and limit access
- Detect and respond
These main objectives are supported by seven core security principles:
- Restrict internet access and segregate critical systems from the general IT environment
- Reduce attack surface and vulnerabilities
- Physically secure the environment
- Prevent compromise of credentials
- Manage identities and segregate privileges
- Detect anomalous activity to system or transaction records
- Plan for incident response and information sharing
Financial institutions need a robust solution that provides them with oversight of their alignment with CSCF in a single view. This solution should show how well they’re meeting the mandatory and advisory controls while also assessing the configuration, performance, and security of their deployed tools.
The solution should also add efficiencies in areas such as auditing, reporting, and technical validation. Luckily for SWIFT members, such a solution is here.
To provide an independent comprehensive internal assessment and to ensure that your organization meets SWIFT CSCF, Cyber Observer developed SWIFT CSCF View. The SWIFT CSCF View presents continuously current enterprise posture and compliance with the regulation.
Cyber Observer helps to establish a required security baseline by which all financial institutions are measured. To achieve compliance while improving security, the SWIFT CSCF View assists to build ongoing cybersecurity governance and risk program that considers the latest industry best practices and resonates with enterprise needs: specific infrastructure deployed tools and configurations.
Read more about Cyber Observer SWIFT CSCF View here