Cookie Notice

We use cookies to analyse site traffic and optimise your browsing experience. Accepting necessary cookies is required to provide you with a minimum level of service. Read Cookie Statement

Get In Touch
Contact Us

Contact Us

Please get in touch using the form below

1000 characters left
View our privacy policy
Experiencing a breach? Get emergency incident response assistance.

About SWIFT CSP

What is the SWIFT CSP?

The SWIFT Customer Security Programme (CSP) is a framework designed to help financial institutions improve their cyber security posture. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework.

SWIFT conducts random inspections on its members to ensure that they have appropriate cyber security controls in place and reports any non-compliant organisations to industry regulators, such as the UK’s Financial Conduct Authority.

Speak to an expert

Get in touch

MDR for SWIFT CSP

Managed security services for SWIFT CSP compliance

The SWIFT CSP has three overarching objectives, split across seven key security principles and 27 controls. There are 16 mandatory and 11 advisory security controls. Mandatory controls are designed to establish a security baseline for the SWIFT community, while advisory controls are based on recommended best practice but could become mandatory in the future.

Redscan offers a range of managed security and assessment services to help organisations in the financial sector comply with the full spectrum of CSP controls and validate their annual self-attestations.

 

Objectives Principles Controls
1 Secure your environment 1. Restrict internet access and protect critical systems 2 mandatory
2. Reduce attack surface and manage vulnerabilities 3 mandatory, 6 advisory
3. Physically secure the environment 1 mandatory
2 Know and limit access 4. Prevent compromise of credentials 2 mandatory
5. Manage identities and segregate privileges 2 mandatory, 2 advisory
3 Detect and respond 6. Detect anomalous activity to system/transaction records 4 mandatory, 1 advisory
7. Plan for incident response 2 mandatory, 2 advisory

 

Our Services

Our award-winning services

Redscan’s security services are designed to provide the vital assistance needed to make tangible improvements to your organisation’s cyber security posture.

ThreatDetect MDR

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Read more
Specialist engagements to uncover and address hidden cyber security risks

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Read more
A person choosing from a range of Managed Security Services

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Read more

About us

Why choose Kroll?

  • A leading global MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. 9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

Two Redscan team members analysing cyber security intelligence

1000 characters left
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
22nd April 2024
Quishing attacks increase tenfold
According to new research, quishing attacks, a type of phishing that leverages QR codes, have significantly increased, rising from 0.8% in 2021 to 10.8% in 2024.
15th April 2024
Half of UK businesses affected by cyber-incident in the past year
According to a new report by the UK government, half of UK businesses have reported a cyber incident or data breach in the past 12 months.  
8th April 2024
Infostealers prominent in retail cyber-attacks
New research has highlighted that the use of infostealers dominated in cyber-attacks on retailers over the past year.  
2nd April 2024
Zero-day vulnerabilities soared by over 50% between 2022 and 2023
In a new report Google has revealed that the volume of zero-day vulnerabilities it detected rose by over 50% from 2022 to 2023, with bugs in third-party components on the increase.