1 / 21

Cyber threats continue to be persistent and sophisticated

SWIFT Security Update ReBIT Saqib Sheikh, saqib.sheikh@swift.com March 2018 TLP rating AMBER Confidential to participants and restricted distribution. Cyber threats continue to be persistent and sophisticated.

Download Presentation

Cyber threats continue to be persistent and sophisticated

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. SWIFT Security UpdateReBITSaqib Sheikh, saqib.sheikh@swift.comMarch 2018TLP rating AMBERConfidential to participants and restricted distribution

  2. Cyber threats continue to be persistent and sophisticated SWIFT Security Update to ReBIT, March 2018

  3. SWIFT published a detailed case study in November 2017, customers must remain vigilant and ensure sound mitigating controls are in place SWIFT Security Update to ReBIT, March 2018

  4. The Customer Security Programme (CSP) will continue to support our customers in responding to cyber threats, based on these three pillars You Secure and Protect SWIFT Tools Customer Security Controls Framework Your Counterparts Prevent and Detect Transaction Pattern Detection – RMA, DVR and Payment Controls Your Community Share and Prepare Intelligence Sharing SWIFT ISAC Portal SWIFT Security Update to ReBIT, March 2018

  5. In 2018, key milestones around cyber intelligence sharing, evolution of the control framework and new anti-fraud tools are planned Security Controls v2 published SWIFT ISAC R2 - STIX/TAXII (Feb 18) Quality Assurance Framework All Clients Must Comply with Mandatory Security Controls V1 (31 Dec 18) KYC-SA v3 Consumption Management Change Management Process Payment Controls Pilot (Q1 18) Payment Controls Go-Live (Q3 18) SWIFT Security Update to ReBIT, March 2018

  6. In 2017 SWIFT established a new minimum security baseline, applicable to all live BICs Tthe Customer Security Controls Framework comprises a core set of security controls that all SWIFT customers must apply to their SWIFT-related infrastructure. 16 Mandatory security controls Establish a security baseline for the entire community All users must self-attest against their implementation on their local SWIFT-related infrastructure Set a realistic goal for near-term, tangible security gain and risk reduction. 11 Advisory controls Based on good practice that SWIFT recommends customers implement on their local SWIFT-related infrastructure. SWIFT Security Update to ReBIT, March 2018

  7. 89% of customers attested their level of compliance with the mandatory controls by the 31 December 2017 deadline This was an overwhelmingly positive response from the community – across every segment, market and infrastructure type. All customers now need to self-attest that they fully comply with all mandatory security controls by 31 December 2018. Self-attestations need to be renewed every 12 months. The majority of customers have published their current level of compliance against this baseline, and this valuable data is available to you 89% 99% Attested BICs represent 99% of the FIN Traffic BICs globally that self- attested by the deadline SWIFT Security Update to ReBIT, March 2018

  8. As part of your operating guidelines this data can be used to confirm level of security of your participants • Users should consume counterparty attestation data and integrate this into their risk management and business decision-making processes. • Using the KYC-SA, customers can share their attestation data with their counterparties and request data from others. • Customers remain in control of their attestation data – they can grant or deny requests of their attestation data. SWIFT Security Update to ReBIT, March 2018

  9. The SWIFT security control framework will evolve, giving customers 18 months to budget, plan and comply with new versions of the framework SWIFT writes V2 controls Customer budgets V2 Customer implements V2 controls V2 Reg Reporting V2 Reg Reporting Version V2 of Security Controls Customer needs to meet V2 mandatory controls by end 2019 V2 attest window opens V2 attest window closes V2 updates / corrections Cust attests CP consumes V2 controls doc published SWIFT Security Update to ReBIT, March 2018

  10. Daily validation reports are available to support strong, independent reconciliation “With cyber security and fraud prevention as top institutional priorities, Daily Validation Reports have quickly become an important part of our daily reconciliation process and controls. A European Central Bank In the event of an attack the accuracy of data in interface systems may be compromised. • Validate Activity • Validate aggregated daily activity and transactions (reference and value) for a Group or a BIC8 across the payment chain • Daily volume and value totals, maximum value of single transactions and comparisons to 24 months historical profile • Assess Risks • Assess large or unusual message flows based on different risk factors (largest transactions, largest aggregates, or deviation with average activity). • Identifies new combinations of parties in payment chain • highlights transactions sent outside of business hours • Review Behaviours • Ensure alignment to Compliance policy SWIFT Security Update to ReBIT, March 2018

  11. Message by message payments screening service will be a powerful new anti-fraud tool SWIFT is developing Payment Controls for subscribing organisations, performing ‘in-flight’ transaction monitoring to identify payment activity that is out-of-policy or indicative of fraud risks. Payments Controls provide an additional safeguard on top of users’ existing fraud prevention systems. Message Copy Release / Abort Payments Controls Engine Focus on Smaller Institutions Initially for smaller, sending organisations.Will also help protect larger organisations through reduced risks of received payments. Secure In-Network Using sanctions screening model to alert/release/abort payment messages in real-time. Monitoring policy defined by the subscriber. SWIFT Security Update to ReBIT, March 2018

  12. SWIFT provides support in being compliant to the SWIFT CSCF by end 2018 SWIFT Security Update to ReBIT, March 2018

  13. Are you prepared to respond to these persistent and sophisticated cyber threats? Have you secured your infrastructure? Have you implemented necessary controls? Do you have the capacity to respond? Have you secured your ongoing operations? SWIFT Security Update to ReBIT, March 2018

  14. The following controls support compliance to recent regulations SWIFT Security Update to ReBIT, March 2018

  15. Review the configuration of your channel against SWIFT best practices • SWIFT infrastructure security review • Operational excellence review • Architecture analysis Have you secured your infrastructure? • Comply with security controls • Back office data flow security • Two factor authentication • Other security integration services SWIFT Security Update to ReBIT, March 2018

  16. Ensure independent reconciliation with golden-source data • Daily validation reports • Business intelligence reports • Real-time flow monitoring Have you implemented necessary controls? • Implement transaction controls • Payments control service • GPI stop & recall • Ensure strong relationship management • Regular RMA analysis and clean-up • RMA+ for granular control SWIFT Security Update to ReBIT, March 2018

  17. Ensure your staff are aware and trained to detect and respond to cyber threats • Security bootcamps • Tailored training • SWIFT Administration and Operation certifications • SWIFTSmart Do you have the capacity to respond? • Ensure your staff have access to latest cyber intelligence • SWIFT Info Sharing & Analysis Centre • SWIFT security guidelines SWIFT Security Update to ReBIT, March 2018

  18. Implement independent monitoring and operations support • Alliance Managed Operations • Local support • Premium custom support Have you secured your ongoing operations? SWIFT Security Update to ReBIT, March 2018

  19. What you can continue to do 1 Engage in SWIFT ISAC and sign up for notifications. 2 Ensure mandatory security updates of SWIFT softwareare installed. Ensure that you fully comply with all the mandatory security controls and attest by 31 December 2018. 3 Consider your institution’s counterparty risk frameworks to consume and utilise counterparty attestation data. 4 Consider SWIFT’s anti-fraud tools (Payment Controls, Daily Validation Reports, RMA clean-ups, etc.) 5 SWIFT Security Update to ReBIT, March 2018

  20. ? … Questions SWIFT Security Update to ReBIT, March 2018

  21. SWIFT Security Update to ReBIT, March 2018

More Related