Enhancing SWIFT Security Measures for ReBIT: March 2018 Update
SWIFT's latest security update for the ReBIT program highlights the persistent and sophisticated nature of cyber threats. Recommendations include maintaining vigilance, implementing sound security controls, and leveraging the Customer Security Programme (CSP) pillars for effective cyber threat response. Key milestones for 2018 involve cyber intelligence sharing, control framework evolution, and anti-fraud tool enhancements. SWIFT emphasizes mandatory security controls, advisory measures, and establishing a security baseline to safeguard the SWIFT ecosystem. Stay informed and proactive in the face of evolving threats.
Uploaded on Sep 12, 2024 | 0 Views
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
E N D
Presentation Transcript
SWIFT Security Update ReBIT Saqib Sheikh, saqib.sheikh@swift.com March 2018 TLP rating AMBER Confidential to participants and restricted distribution
Cyber threats continue to be persistent and sophisticated SWIFT Security Update to ReBIT, March 2018 2
SWIFT published a detailed case study in November 2017, customers must remain vigilant and ensure sound mitigating controls are in place SWIFT Security Update to ReBIT, March 2018 3
The Customer Security Programme (CSP) will continue to support our customers in responding to cyber threats, based on these three pillars You Secure and Protect SWIFT Tools Customer Security Controls Framework Your Counterparts Prevent and Detect Transaction Pattern Detection RMA, DVR and Payment Controls Your Community Share and Prepare Intelligence Sharing SWIFT ISAC Portal SWIFT Security Update to ReBIT, March 2018 4
In 2018, key milestones around cyber intelligence sharing, evolution of the control framework and new anti-fraud tools are planned Security Controls v2 published SWIFT ISAC R2 - STIX/TAXII (Feb 18) Quality Assurance Framework All Clients Must Comply with Mandatory Security Controls V1 (31 Dec 18) KYC-SA v3 Consumption Management Q1 18 Q2 18 Q3 18 Q4 18 Change Management Process Payment Controls Pilot (Q1 18) Payment Controls Go-Live (Q3 18) SWIFT Security Update to ReBIT, March 2018 5
In 2017 SWIFT established a new minimum security baseline, applicable to all live BICs Tthe Customer Security Controls Framework comprises a core set of security controls that all SWIFT customers must apply to their SWIFT-related infrastructure. 16 Mandatory security controls Establish a security baseline for the entire community All users must self-attest against their implementation on their local SWIFT-related infrastructure Set a realistic goal for near-term, tangible security gain and risk reduction. 11 Advisory controls Based on good practice that SWIFT recommends customers implement on their local SWIFT-related infrastructure. SWIFT Security Update to ReBIT, March 2018 6
The majority of customers have published their current level of compliance against this baseline, and this valuable data is available to you 89% BICs globally that self- attested by the deadline 89% of customers attested their level of compliance with the mandatory controls by the 31 December 2017 deadline This was an overwhelmingly positive response from the community across every segment, market and infrastructure type. 99% Attested BICs represent 99% of the FIN Traffic All customers now need to self-attest that they fully comply with all mandatory security controls by 31 December 2018. Self-attestations need to be renewed every 12 months. SWIFT Security Update to ReBIT, March 2018 7
As part of your operating guidelines this data can be used to confirm level of security of your participants Users should consume counterparty attestation data and integrate this into their risk management and business decision-making processes. Using the KYC-SA, customers can share their attestation data with their counterparties and request data from others. Customers remain in control of their attestation data they can grant or deny requests of their attestation data. SWIFT Security Update to ReBIT, March 2018 8
The SWIFT security control framework will evolve, giving customers 18 months to budget, plan and comply with new versions of the framework 2017 2018 2019 2020 2021 SWIFT writes V2 controls Customer budgets V2 Customer implements V2 controls V2 Reg Reporting V2 Reg Reporting Version V2 of Security Controls V2 attest window opens V2 attest window closes Customer needs to meet V2 mandatory controls by end 2019 V2 updates / corrections Cust attests CP consumes V2 controls doc published SWIFT Security Update to ReBIT, March 2018 9
Daily validation reports are available to support strong, independent reconciliation With cyber security and fraud prevention as top institutional priorities, Daily Validation Reports have quickly become an important part of our daily reconciliation process and controls. A European Central Bank In the event of an attack the accuracy of data in interface systems may be compromised. Validate Activity - Validate aggregated daily activity and transactions (reference and value) for a Group or a BIC8 across the payment chain - Daily volume and value totals, maximum value of single transactions and comparisons to 24 months historical profile Assess Risks - Assess large or unusual message flows based on different risk factors (largest transactions, largest aggregates, or deviation with average activity). - Identifies new combinations of parties in payment chain - highlights transactions sent outside of business hours Review Behaviours - Ensure alignment to Compliance policy SWIFT Security Update to ReBIT, March 2018 10
Message by message payments screening service will be a powerful new anti-fraud tool SWIFT is developing Payment Controls for subscribing organisations, performing in-flight transaction monitoring to identify payment activity that is out-of-policy or indicative of fraud risks. Message Copy Release / Abort Payments Controls provide an additional safeguard on top of users existing fraud prevention systems. Payments Controls Engine Focus on Smaller Institutions Initially for smaller, sending organisations. Will also help protect larger organisations through reduced risks of received payments. Secure In-Network Using sanctions screening model to alert/release/abort payment messages in real- time. Monitoring policy defined by the subscriber. SWIFT Security Update to ReBIT, March 2018 11
SWIFT provides support in being compliant to the SWIFT CSCF by end 2018 SWIFT Security Update to ReBIT, March 2018 12
Are you prepared to respond to these persistent and sophisticated cyber threats? Have you secured your infrastructure? Have you implemented necessary controls? Do you have the capacity to respond? Have you secured your ongoing operations? SWIFT Security Update to ReBIT, March 2018 13
The following controls support compliance to recent regulations 1 Have you secured your SWIFT infrastructure? Enables compliance to RBI requirements 1b, 1h CBS integration service SWIFT infrastructure security review a) Ensure automated integration with back office systems and minimise manual processing 1c, 1d, 1e, 1f, 1g, 1k, 3b, 4a, 4e, 4f Security integration service b) Comply with security controls 2 Have you implemented necessary controls 1a, 1h, 2b, 4g Daily validation reports, for all banks Real-time flow monitoring, for top tier banks a) Ensure independent reconciliation with golden source data 1a, 2a, 3b, 4b, 4d Payments control service GPI stop & recall of payments b) Implement transaction controls 1g Regular RMA analysis and clean-up RMA+ c) Ensure strong relationship management 3 Do you have capacity to respond? 1i, 1l, 4a, 4f SWIFT administration & operations training Security bootcamp Annual SWIFT certifications a) Ensure your staff are aware and trained to detect and respond to cyber threats 1i, 1l, 4f SWIFT Info Sharing & Analysis Centre SWIFT security guidelines b) Ensure your staff have access to latest cyber intelligence 4 Have you secured your ongoing operations? 4b Alliance Managed Operations System Care Premium Plus a) Implement independent monitoring and operations support SWIFT Security Update to ReBIT, March 2018 14
Review the configuration of your channel against SWIFT best practices SWIFT infrastructure security review Operational excellence review Architecture analysis Have you secured your infrastructure? Comply with security controls Back office data flow security Two factor authentication Other security integration services SWIFT Security Update to ReBIT, March 2018 15
Ensure independent reconciliation with golden-source data Daily validation reports Business intelligence reports Real-time flow monitoring Have you implemented necessary controls? Implement transaction controls Payments control service GPI stop & recall Ensure strong relationship management Regular RMA analysis and clean-up RMA+ for granular control SWIFT Security Update to ReBIT, March 2018 16
Ensure your staff are aware and trained to detect and respond to cyber threats Security bootcamps Tailored training SWIFT Administration and Operation certifications SWIFTSmart Do you have the capacity to respond? Ensure your staff have access to latest cyber intelligence SWIFT Info Sharing & Analysis Centre SWIFT security guidelines SWIFT Security Update to ReBIT, March 2018 17
Implement independent monitoring and operations support Alliance Managed Operations Local support Premium custom support Have you secured your ongoing operations? SWIFT Security Update to ReBIT, March 2018 18
What you can continue to do 1 Engage in SWIFT ISAC and sign up for notifications. 2 Ensure mandatory security updates of SWIFT software are installed. Ensure that you fully comply with all the mandatory security controls and attest by 31 December 2018. 3 Consider your institution s counterparty risk frameworks to consume and utilise counterparty attestation data. 4 Consider SWIFT s anti-fraud tools (Payment Controls, Daily Validation Reports, RMA clean-ups, etc.) 5 SWIFT Security Update to ReBIT, March 2018 19
? ? Questions SWIFT Security Update to ReBIT, March 2018 20
www.swift.com SWIFT Security Update to ReBIT, March 2018 21