SWIFT CUSTOMER SECURITY PROGRAMME

What is the SWIFT CSP?

The SWIFT Customer Security Programme (CSP) is a framework designed to help financial institutions improve their cybersecurity posture. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework.

SWIFT conducts random inspections on its members to ensure that they have appropriate cybersecurity controls in place and reports any non-compliant organizations to industry regulators, such as the UK’s Financial Conduct Authority.

SWIFT CSP compliance advisory services

The SWIFT CSP has three overarching objectives, split across seven key security principles and 27 controls. There are 16 mandatory and 11 advisory security controls. Mandatory controls are designed to establish a security baseline for the SWIFT community, while advisory controls are based on recommended best practices but could become mandatory in the future.

3Cyber-Sec offers a range of managed security and assessment services to help organizations in the financial sector comply with the full spectrum of CSP controls and validate their annual self-attestations.

SWIFT CSP requirements summary

Objectives, Principles and Controls

~

Secure your environment

1. Restrict internet access and protect critical systems
with 2 mandatory controls

2. Reduce attack surface and manage vulnerabilities
with 3 mandatory and 6 advisory controls

3. Physically secure the environment
with 1 mandatory control



Know and limit access

1. Prevent compromise of credentials
with 2 mandatory controls

2. Manage identities and segregate privilieges
with 2 mandatory and 2 advisory controls



Detect and respond

1. Detect anomalous activity to system/transaction records
with 4 mandatory and 1 advisory controls

2. Plan for incident response
with 2 mandatory and 2 advisory controls

BENEFITS FROM OUR SERVICES

3Cyber-Sec’s expert knowledge has helped financial institutions to achieve the compliance state of SWIFT Customer Security Programme requirements.

Request more information about our SWIFT CSP compliance advisory services

GET IN TOUCH

40 YEARS OF

COMBINED

EXPERIENCE

WHY WORK WITH 3CYBER-SEC?

– Individual approach and maximum flexibility in response time

– Proven methods for security checks, analyses, and reporting

– Resource optimization and cost-effectiveness

– Independent expertise with a deep understanding of hackers’ behavior

ISO 27001 CERTIFIED

UK CYBER ESSENTIALS CERTIFIED

LET US PRESENT TO YOU OUR SWIFT CSP compliance advisory services

Submit a request via our contact form and our team will come back to you promptly.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
Google Analytics	1 month	Google Analytics gathers web traffic information that enables us to improve the experience of visitors to our Website and deliver relevant advertisements on the Google Display Network.
LinkedIn	1 month	We use LinkedIn’s Insight Tag to track conversions, retarget website visitors, and unlock additional insights about users interacting with our LinkedIn adverts. We use this data to optimise our campaigns and ensure that LinkedIn ads are served to the most relevant and interested audience possible.