Prevention
- Security Assessment
- Red Teaming
- Compliance Audit
- Pre-IR Assessment
- Compromise Assessment
- Cyber Education
- GIB Crypto
financial messages in 2020
territories connected
banking institutions connected
The banking industry is a lucrative, and therefore frequent target of cyberattacks. To respond to current and future threats, the Society for Worldwide Interbank FInancial Telecommunications (SWIFT) introduced their Customer Security Programme (CSP) in 2016.
The program outlines the Customer Security Controls Framework (CSCF), which comprises a set of mandatory and advisory security controls that apply to all member banks and financial institutions.
As a member of SWIFT, Group-IB is recommended to perform external attestations of any other member and offers comprehensive compliance audit.
The guidelines are regularly updated to reflect technological advances, new cybersecurity practices, and changes to the threat landscape. The current CSCF consists of 3 main objectives, 8 main principles, 31 security controls.
All SWIFT members must conduct a security attestation every year:
Conducted by an independent organization. The auditors themselves must be certified within the IS industry
Conducted at the expense of the organization’s independent qualified internal assessor
Review and update of company’s internal documents based on audit results
of your current state
for improving the effectiveness of protective measures and for SWIFT CSCF compliance
on how to enhance organization and administrative documentation, and reporting guidelines
Team of qualified experts who have 10+ years of experience auditing various infrastructures (GDPR DPP, CISSP, CISA, PCI QSA, ISO and others)
The strong synergy between Group-IB’s experts and proprietary Threat Intelligence & Attribution ensure up-to-date knowledge of attacker TTPs
We not only check for compliance but also draft internal documentation and recommendations, and provide risk assessments and consulting
We provide thorough, easy-to-read reports that clearly outline gaps in compliance as well as corresponding remediation measures