NYBF 2014 - Cyber Threats
Agenda
• Excerpts from Cyber Security Session at SIBOS 2013
– Internal Threats
– Security Spending
– Cyber Attacks
– Hack-tivism
– What keeps you up at night?
– Regulation
• What can SWIFT do?
– An innovative idea
3 SWIFT Business Forum New York - March 4, 2014
Internal Threats
• Traditional practices still important
• Know your data
• Technologies to detect out of character activity
– Anticipate errors
– Spot patterns to detect
• Education
• Road test procedure
• Lock down
• Fast response & recovery is key
• There are no guarantees
• There's more to do
Security Spending
• Spending on security is growing
• Cycles of investment
– Prevention
– Detection
– Rapid response
– Recovery and business continuity
• Board level issue
• Attacks and solutions continuously evolve
Cyber Attacks
• Attacks are growing
• More sophistication
• Intelligence sharing is key
• Softer targets are vulnerable
• Technology is fundamental
• Telecom providers are vital resources
Hack-tivism
• Not driven by profit
• Willing to take more risk
• Motivations are different
• Deeper pockets
• State-sponsored?
What Keeps You Up at Night
• There is always the next threat
• Not just protecting your own institution
• Interconnected world
• Need a playbook
• Exercise your defenses
Regulation
• Policies not prescriptive regulation
• Public Private Partnership
• Soft targets will be repeatedly attacked
• Collaboration between regulators is vital
• Joint exercises – i.e. Quantum Dawn 2
Summary
• These events will occur
• How will we recover?
• Think about the issue in advance
• It is a risk issue, not an IT issue
• Have the intel
• Monitor
• Be able to respond & investigate
SWIFT on Cyber Security
SWIFT CEO Gottfried Leibbrandt spoke at the European Commission High Level Conference on Cyber-Security in Brussels on February 28th
• The cyber threat is very real and persistent
• Cyber-attacks are getting ever more sophisticated, better organised and funded
• Cyber concerns are not new for SWIFT
• The network meets the highest standards in terms of confidentiality, integrity and availability
• As a global infrastructure, we would like to see:
– International coordination
– Standards
– Vibrant ecosystems of experts and providers
Using SWIFTNet Browse as a contingency channel
Arnaud Boulnois: head of product management Messaging.
March 04th 2014
SWIFTNet Browse can provide a ready-to-use secure and reliable channel for users to access web applications, when the normal connectivity path is unavailable.
Normal service:
[Diagram: User, Service Provider, Web Server; web address: www.webap1.bankABC.com]
SWIFT is used to support STP flows:
- FileAct
- MT over the FIN platform
- ISO 20022 via IA S&F
Internet is used as the main channel to support web-based applications. They provide:
- manual data entry
- consultation of statement and position
- manual upload / download of files
For reasons that many service providers have experienced, the internet channel can be unavailable, and outages can last days…
The next slides explain how SWIFT solutions allow the bank and its customers to continue to do business in a secured environment.
Solution for the Bank: be ready to manage Browse service via SWIFTNet
STEP 1
- Register as a SWIFTNet Browse service provider
- Integrate the web application with SWIFT “federated identity platform”, using SAML 2.0 technology
- Publish your service on swift.com
[Diagram: User, Service Provider, link marked X; address: webap1.bankABC.browse.swiftnet.sipn.swift.com]
Solution for the bank’s customers: be ready to reach the service via SWIFT
There will be 2 ways to reach the service:
Via the SWIFT private network (option 1).
Over Internet via SWIFT Internet Service Providers (option 2).
STEP 2:
- Have customers registered into the service
- Have one valid SWIFT certificate per user (SWIFTNet certificate and 3SKey later).
- Make sure connectivity is available.
[Diagram: User, Service Provider, link marked X; address: webapp1.bankABC.browse.swiftnet.sipn.swift.com; Option 1: Secured private network; Option 2: Internet; Secured private network]
Service key characteristics
Service is available immediately:
• No emergency activation or provisioning
• Can also be used as primary channel
Setup is easy:
• Re-use existing SWIFTNet infrastructure
• Make sure you have the correct bandwidth
• Make the best use of your SWIFT spare capacity
Will also help your customers:
• Can reach via internet or SWIFT network
• Minimize loss of access to web application
Will make your operations easier:
• Shutting down one channel has less impact on the business.
Service provider: setup and activation of the service
• Register as service provider on Browse (use SPF Form with assistance of SWIFT).
• Wait for SWIFT to provision the service and create dedicated www.swift.com registration page for service users.
• Define connectivity solution to make the Web Server reachable via SWIFTNet and integrate it with SWIFT IDP.
• Validate user registrations (same process as MA-CUG registration management).
Service user: activation process for SWIFTNet users (option 1).
• Have institution registered into the service (via www.swift.com dedicated page)
• Get confirmation from SWIFT that the bank has accepted the request.
• Install security device, webplatform, create certificate, update DNS and proxy settings.
• Test and validate connectivity.
SWIFT connection provides peace-of-mind
• Highly available connectivity "ready-to-use"
• Secure and reliable infrastructure - used by many financial institutions and corporates worldwide
• Several connectivity options available (bandwidth, resilience, etc)
• Corporate users can re-use their infrastructure
• Easy to integrate in your web server environment
• Strong user authentication by SWIFT
• Consultancy services available for smooth implementation
Easy ordering and implementation steps
• No charges to corporate user
• Service provider pays yearly fee to cover all traffic (fixed fee per year to connect a number of users)
• Use our consultancy services to
  o analyse capacity (e.g. bandwidth) requirements and upgrade if required
  o integrate the solution in your web server environment
• Define and setup the service with SWIFT (such as URL)
• Ask your corporate users to subscribe
Please provide us with your feedback!
• Kindly complete the survey form and submit upon exiting