Address SWIFT Customer Security Controls Framework with CyberArk

Share and earn Cybytes
Facebook Twitter LinkedIn Email

The Society of Worldwide Interbank Financial Telecommunication (SWIFT) provides a community of global financial institutions the ability to exchange sensitive information relating to international financial transactions. This vast network—over 11,000 customers across 200+ countries—has become an attractive, high-value target for cyber attackers, as evidenced by high-profile breaches including the infamous Bangladesh Central Bank heist. By capturing legitimate SWIFT operator credentials while employing increasingly sophisticated hacking techniques, attackers continue to pilfer hundreds of millions from banks around the world.

Protecting these credentials from reaching the hands of criminals is an essential step in preventing future attacks. To that end, SWIFT’s Customer Security Programme has established a secure framework and baseline of accountability for customers of SWIFT. This framework has a strong emphasis on privileged account security. Mandatory and advisory security controls must be implemented across the community, and organizations must prove compliance with these regulations by January 18, 2018.

The SWIFT security framework is comprised of 27 controls based on three overarching objectives, and there are about five months remaining to prove compliance. Fortunately, CyberArk customers can address a majority of these controls. CyberArk provides the capabilities needed to meet requirements around securing the organization’s environment, knowing “who” and “what” has access to critical systems and applications as well as detecting and responding to high-risk activity in operator sessions. Following is a high-level look at how CyberArk can help organizations to meet these core objectives:

Secure Your Environment: Risk comes from outside and within—determined, malicious “outsiders” and careless or disgruntled “insiders.” Either can wreak havoc on a financial institution. Unmanaged privileged credentials and accounts are the common vulnerability in both cases. The CyberArk Privileged Account Security Solution can protect and control access to critical systems and infrastructure within a local SWIFT environment. By removing local administrative rights and using CyberArk Endpoint Privilege Manager, organizations can provide users with non-administrative access and on-demand session elevation when needed based on defined policies. Multiple layers of built-in security serve to protect all privileged account operator credentials, including passwords and SSH keys (which may be used to access critical UNIX/Linux operating systems).

Know and Limit Access: The CyberArk Privileged Session Manager enables organizations to isolate, monitor, record and control privileged sessions on critical systems. The solution acts as a jump server and single access control point enabling organizations to have a “secure zone” to protect the local SWIFT infrastructure. Real-time privilege session monitoring enables security teams to detect suspicious activity as soon as it occurs and remotely terminate the session to minimize any potential damage. Additionally, searchable audit logs and session recordings are stored in a tamper-proof vault to prevent privileged users from editing or deleting their history. Security and audit teams can easily review these recordings and audit logs to locate the exact moment an event occurred and gain a clear understanding of the scope and severity of an incident.

Detect and Respond: Attackers target and compromise legitimate, trusted credentials within the network. This makes detecting their abuse a serious challenge when attempting to detect credential theft attacks. Many institutions also struggle to pinpoint attempts to bypass enforced controls by internal or external threat actors. To help overcome these challenges, CyberArk Privileged Threat Analytics implements detection capabilities around the abuse, misuse and theft attacks on privileged credentials. When combined with the CyberArk Privileged Account Security Solution, CyberArk can flag high-risk, anomalous activity within local SWIFT environments with a fully detailed and searchable audit trail of privileged activity.

To learn more about how CyberArk can help your organization to prepare for the January 2018 SWIFT security framework compliance deadline, join us for a free webinar, “Fast Track to SWIFT Compliance” on July 20. Please select from a time zone based in EMEA or the Americas.


The post Address SWIFT Customer Security Controls Framework with CyberArk appeared first on CyberArk.

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About CyberArk
CyberArk is the only security company that proactively stops the most advanced cyber threats – those that exploit insider privileges to attack the heart of the enterprise. The company has pioneered a new category of targeted security solutions to lock down privileged accounts and protect against cyber threats before attacks can escalate and do irreparable business damage. CyberArk is trusted by the world’s leading companies – including more than 40 of the Fortune 100 – to protect their highest value information assets, infrastructure and applications, while ensuring tight regulatory compliance and audit requirements.
Promoted Content
Advanced cyber attacks involve compromised privileged accounts. Cyber attackers target them because they represent the keys to the IT kingdom. Effective enterprise security includes proactively protecting privileged accounts. Industry experts have identified practices that increase an organization’s vulnerability to a cyber attack. How many of these are common at your organization?

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?