Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Read a post-mortem analysis of the infamous Emotet botnet. Download our whitepaper.

About SWIFT CSP

What is the SWIFT CSP?

The SWIFT Customer Security Programme (CSP) is a framework designed to help financial institutions improve their cyber security posture. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework.

SWIFT conducts random inspections on its members to ensure that they have appropriate cyber security controls in place and reports any non-compliant organisations to industry regulators, such as the UK’s Financial Conduct Authority.

Speak to an expert

Get in touch

MDR for SWIFT CSP

Managed security services for SWIFT CSP compliance

The SWIFT CSP has three overarching objectives, split across seven key security principles and 27 controls. There are 16 mandatory and 11 advisory security controls. Mandatory controls are designed to establish a security baseline for the SWIFT community, while advisory controls are based on recommended best practice but could become mandatory in the future.

Redscan offers a range of managed security and assessment services to help organisations in the financial sector comply with the full spectrum of CSP controls and validate their annual self-attestations.

 

Objectives Principles Controls
1 Secure your environment 1. Restrict internet access and protect critical systems 2 mandatory
2. Reduce attack surface and manage vulnerabilities 3 mandatory, 6 advisory
3. Physically secure the environment 1 mandatory
2 Know and limit access 4. Prevent compromise of credentials 2 mandatory
5. Manage identities and segregate privileges 2 mandatory, 2 advisory
3 Detect and respond 6. Detect anomalous activity to system/transaction records 4 mandatory, 1 advisory
7. Plan for incident response 2 mandatory, 2 advisory

 

Our Services

Our award-winning services

Redscan’s security services are designed to provide the vital assistance needed to make tangible improvements to your organisation’s cyber security posture.

ThreatDetect MDR

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Read more

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Read more
A person choosing from a range of Managed Security Services

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Read more

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
24th February 2021
Cyber attacks reported as rising by 20% in 2020
A new report has highlighted that pandemic-related threats contributed to a 20% increase in cyber security threats in 2020.  
16th February 2021
Redscan’s NIST NVD analysis reveals record number of critical and high severity vulnerabilities in 2020
Our new report explores the more than 18,000 Common Vulnerabilities and Exposures (CVEs) logged to NIST’s National Vulnerability Database in 2020. It reveals that well over half (57%) were rated ‘high’ or ‘critical’ severity – the highest recorded figure for any year to date. Read the report here.
9th February 2021
Only a third of UK organisations offer cyber security training for remote workers
According to a new report, just a third of UK organisations have offered staff working from home any cyber security training, despite the rapid rise in remote working.  
2nd February 2021
UKRI suspends services due to ransomware attack
UK government body, UK Research and Innovation (UKRI), has had to take a number of services offline while it investigates a ransomware attack on its systems which took place at the end of January. The attack led to the encryption of data by a third party and affects a number of its online assets.