Your Community: Share and Prepare
The financial industry is truly global, and so are the cyber challenges it faces. What happens to one company in one location can easily be replicated elsewhere in the world.
If you suspect that your organisation has been targeted or breached, it is vital that you let us know and share all relevant information as soon as possible. This is part of your contractual obligations to SWIFT as a user of our services.
We have a dedicated Customer Security Intelligence team that shares the latest anonymised information on Indicators of Compromise (IOCs) along with the modus operandi used in known attacks. This IOC information can also be accessed as a data feed, which can be integrated with a user’s Security Operating Centre (SOC). IOC information has already made a tangible difference in the fight against fraud.
We also provide an Information Sharing and Analysis Centre (ISAC), a secure portal that supplies detailed technical intelligence to allow the community to protect itself, take mitigating actions and defend against further attacks. An automated feed from free, open source threat intelligence platform MISP further improves the way IOCs are shared with our community.
Finally, SWIFT engages with the community through numerous channels: direct users meetings, webinars, liaising with cybersecurity intelligence agencies, speaking at SWIFT Business Forums, hosting CISO Roundtables, publishing quarterly newsletters, speaking at external conferences or industry association meetings and hosting cyber sessions at Sibos. We also publish white papers featuring cyber security thought leadership.
We commit to making every effort to inform you of relevant cyber intelligence and we intend to continue to expand our information sharing platforms to do so. Work includes, for example, the addition of MISP to the SWIFT ISAC.
We regularly engage with vendors and third parties to help secure the wider ecosystem, but we also expect you to prepare by acting in a timely manner on the information and security updates provided, and to ensure that you meet the mandatory security controls relevant for your SWIFT-related infrastructure.