SWIFT Customer Security Controls Framework

SWIFT has introduced the Customer Security Program (CSP) as a countermeasure to Cybercrimes. However, it was also implemented to raise the bar of logical and physical security for the community. 

Based on our experience with the evaluation of the SWIFT CSCF for several customers using the SWIFT infrastructure, we will analyze SWIFT-related breaches and the most common control failures. We will also provide a set of recommendations based on an independent assessment to secure your SWIFT environment better.

The 2023 The Customer Security Control Framework (CSCF) consists of a set of 3 objectives, which focus on 7 principles and contain 32 controls.

The document highlights the following aspects

• SWIFT objectives and principles
• SWIFT CSCF assessment scope
• SWIFT CSCF Framework
• Our Approach and Methodology

How Deloitte can help:

• Deloitte’s Cyber Risk practice is widely acknowledged as a leading security consulting practice and is eminently qualified to help your organization remain secure, vigilant, and resilient in the face of evolving Cyber threats. Deloitte ranked #1 by Gartner in security consulting services for the 7th consecutive year.
• Deloitte’s leadership in the field of information security assures you of our ability to assign qualified, knowledgeable, and industry-respected personnel who have performed similar consulting assignments.
• Our experience in delivering similar mandates for organizations in the region brings industry and region specific experience. Our highly skilled resources and experience of security technologies, constitute an invaluable set of resources for SWIFT CSP-related engagements. This enables us to use proven tools and methods to carry out comprehensive engagements.
• We are a technology and solution agnostic, and we only recommend a solution that makes sense for the business and provides value.