Contact Us

Contact Us

Please get in touch using the form below

I prefer to be contacted by:
View our privacy policy
Book a CREST penetration test today. Get a quote.

About SWIFT CSP

What is the SWIFT CSP?

The SWIFT Customer Security Programme (CSP) is a framework designed to help financial institutions improve their cyber security posture. All SWIFT members must submit an annual self-attestation of compliance with the controls outlined in the framework.

SWIFT conducts random inspections on its members to ensure that they have appropriate cyber security controls in place and reports any non-compliant organisations to industry regulators, such as the UK’s Financial Conduct Authority.

Speak to an expert

Get in touch

MDR for SWIFT CSP

Managed security services for SWIFT CSP compliance

The SWIFT CSP has three overarching objectives, split across seven key security principles and 27 controls. There are 16 mandatory and 11 advisory security controls. Mandatory controls are designed to establish a security baseline for the SWIFT community, while advisory controls are based on recommended best practice but could become mandatory in the future.

Redscan offers a range of managed security and assessment services to help organisations in the financial sector comply with the full spectrum of CSP controls and validate their annual self-attestations.

 

Objectives Principles Controls
1 Secure your environment 1. Restrict internet access and protect critical systems 2 mandatory
2. Reduce attack surface and manage vulnerabilities 3 mandatory, 6 advisory
3. Physically secure the environment 1 mandatory
2 Know and limit access 4. Prevent compromise of credentials 2 mandatory
5. Manage identities and segregate privileges 2 mandatory, 2 advisory
3 Detect and respond 6. Detect anomalous activity to system/transaction records 4 mandatory, 1 advisory
7. Plan for incident response 2 mandatory, 2 advisory

 

Our Services

Our award-winning services

Redscan’s security services are designed to provide the vital assistance needed to make tangible improvements to your organisation’s cyber security posture.

ThreatDetect MDR

Managed Detection and Response

Award-winning support to rapidly detect and respond to the latest threats 24/7

Read more

Assessment Services

Specialist engagements to uncover and address hidden cyber security risks

Read more
A person choosing from a range of Managed Security Services

Managed Security Services

Expert help to manage and monitor your choice of security technologies

Read more

About us

Why choose Redscan?

  • A leading UK-based MDR company
  • Red and blue team CREST CSOC expertise
  • High-quality intelligence and actionable outcomes
  • Quick and hassle-free service deployment
  • An agnostic approach to technology selection
  • Avg. >9/10 customer satisfaction, 95% retention rate

Get in touch

Complete the form for a prompt response from our team.

I prefer to be contacted by:
View our privacy policy

Resources

Discover our latest content and resources

From the blog
From the blog Case studies Latest news
28th September 2020
Redscan services now available via G-Cloud 12
To help public sector organisations reduce cyber security risk, Redscan's MDR and penetration testing services are now available on G-Cloud 12, the latest iteration of the UK government's digital marketplace, which went live today.  Read more
25th September 2020
Zerologon now being exploited in the wild
Microsoft has warned that attackers are now actively exploiting ‘Zerologon’, a critical vulnerability in the Windows Server Netlogon authentication process. Read Redscan’s Security Advisory to learn how to protect your organisation.
22nd September 2020
Educational institutions warned of spike in ransomware attacks
The National Cyber Security Centre has warned of a recent rise in ransomware attacks on educational institutions. In some cases, hackers have demanded a large Bitcoin ransom as well as threatening to expose the stolen data of students if this isn’t paid.
15th September 2020
Significant number of remote workers use own devices to access company data
A global survey of over 13,000 remote workers has found that 39% of them use their own devices to access data belonging to their employer, often via services and applications hosted in the cloud. Many of the personal devices used to do this were identified as being less secure than corporate devices.