SWIFT are running a series of courses and bootcamps to help banks’ IT, Operations, Risk, Compliance, Product and other functions understand these threats and have the capability to respond. The content of the course has important indicators as to what corporate treasury departments should do as well.

SWIFT Security Bootcamp

The SWIFT Security Bootcamp training for benefit of the Singapore banking community aims to educate bank personnel on the techniques of common attacks, the key security controls that will protect sensitive data and digital assets, and enable the bank to appropriately respond. This training will further enable the bank to protect its own institution, operate with counterparties in an environment where transactions are suspect, and investigate fraudulent transactions to recover from suspected compromises. The three domains that be will covered:

• How to secure your environment: Securing your own local environment is the most important action you can take. Securing the physical set-up of your local SWIFT-related infrastructure and putting in place the right people, policies and practices, are critical to avoiding cyber related fraud.
• How to operate with counterparties: Companies do not operate in a vacuum and all financial institutions are part of a broader ecosystem. That is why it is also vital to manage security risks in your interactions and relationships with your counterparties.
• How to operate in the banking community: The financial industry is truly global, and so are the cyber challenges it faces. What happens to one company in one location can easily be replicated elsewhere in the world. That is why SWIFT is encouraging two important community principles: Share and Prepare.

The cyber security training

The training will be delivered by professional trainers and subject matter experts. They will apply a combination of theoretical cyber security games, and practical best practice advice to ensure MULTI-channel learning. The program covers following topics:

• Cyber security concepts and terminology
• SWIFTNet PKI and the role of SWIFTNet Security Officers
• Hardware Security Module
• Alliance security management
• Administering and using swift.com
• Best practice guidelines.

SWIFT plea

The SWIFT sales blurb on the bootcamp finishes with this plea: “This is a limited opportunity for banks to come together, learn from one another and build capability to respond to these potentially damaging threats. Please nominate senior representatives of each function from your bank to attend this training.”

---

CTMfile take: No wonder SWIFT are providing such training as bank cybersecurity breaches and vulnerabilities threaten the very foundation of their financial messaging network. Some corporates would welcome such a course too.