B3S: Strategically Shaping Information Security for Hospitals
NIS2, KRITIS and B3S interlock in the hospital. The article shows how information security can be implemented in a structured way and how regulatory requirements can be met.
For a long time, the Society for Worldwide Interbank Financial Telecommunication (SWIFT) mainly operated a secure communication channel for the international payment transactions of banks. This is still the case today. It is practically impossible to move money internationally without SWIFT. About 11,000 banks and financial institutions are currently connected to SWIFT and, in total, move around six trillion US dollars per day.
But one event changed everything. Three hackers attacked a Japanese bank and the criminals managed to break into the bank’s internal system. They used a fictitious application for this attack. Because there were no other internal security mechanisms that separated the personnel department from the payment systems, the cybercriminals were able to make fictitious transfers using the secure SWIFT network.
Because of this event, SWIFT has come to the realisation that it must also ensure sufficient security within the affiliated banks to prevent thefts like this in the future. For that reason, SWIFT commits all participating institutions to a strict security programme, which ensures that all areas that are relevant for payment transactions and communicate with SWIFT are strictly shielded from the other IT systems of the financial institution and the Internet.
Our certified experts will be happy to conduct the external SWIFT-CSCF assessment for you.
Talk to us!
SWIFT users are required to submit their self-certification of compliance with the mandatory and, if applicable, also the recommended security controls to an independent audit by the end of 2021. For you as a SWIFT user, this means that you will have to provide evidence of an independent audit based on CSCF 2021 by the end of next year. The SWIFT network has extended the deadline due to the Corona pandemic. We would be happy to advise you on this.
Consileon is listed* with SWIFT and can perform the mandatory independent audit for you. Please do not hesitate to contact us.
Consileon is listed by SWIFT. You will get the following services from us:
We are your partner for external assessment and CSCF certification.
We will help you increase your operational cyber security to the necessary standard for SWIFT.
We will design the IT architecture of your SWIFT Secure Zone with you.
We will establish a robust Cyber Incident Response Process with you that can withstand the current threats.
*Disclaimer: SWIFT does not certify, warrant, endorse or recommend any service provider listed in its directory and SWIFT customers are not required to use providers listed in the directory.
Our expert will advise you in detail.