Risk and Business Continuity at SWIFT

Slides:

Advertisements

Similar presentations

ICANN Plan for Enhancing Internet Security, Stability and Resiliency.

Advertisements

All rights reserved © 2000, Alcatel 1 CPE-based VPNs Hans De Neve Alcatel Network Strategy Group.

PUENTE IN THE CARIBBEAN

Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.

ONE PLANET ONE NETWORK A MILLION POSSIBILITIES Barry Joseph Director, Offer and Product Management.

BCP: Emerging Themes for Custodians Giles Elliott SVP, Head of Business Development & Support HSBC Securities Services, Hong Kong.

Bridging the Gaps: Public Health and Radiation Emergency Preparedness Mr. James Kish, Director Technological Hazards National Preparedness Directorate.

Chapter 15 The Third Component: Powerful Networks.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Telecommunication and Networks

ITSC Report From The CIO: Network Program Update 25 September 2014.

Stephen S. Yau CSE , Fall Security Strategies.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Lecture slides prepared for “Business Data Communications”, 7/e, by William Stallings and Tom Case, Chapter 8 “TCP/IP”.

Partners Swift Bureau SWIFT Treasury ERPs Middle Ware IBM WBIFN + SAG.

Services Tailored Around You® Business Contingency Planning Overview July 2013.

Virtual Private Network prepared by Rachna Agrawal Lixia Hou.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

1 Wide Area Network. 2 What is a WAN? A wide area network (WAN ) is a data communications network that covers a relatively broad geographic area and that.

Embracing IP Multimedia Services for Strategic Business Advantage Rick Seeto VP & GM Enterprise Networks, Asia Pacific.

WELCOME!. Page: 2 Agenda One is impressive – two make a powerful team! Networking solutions, the Extreme way Coffee Break Security solutions, the NetScreen.

© 2009 IDBI Intech, Inc. All rights reserved.IDBI Intech Confidential 1 Information (Data) Security & Risk Mitigation.

How STERIS is using Cloud Technology to Protect Web Access Presented By: Ed Pollock, CISSP-ISSMP, CISM CISO STERIS Corporation “Enabling Business”

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

N-Wave Shareholders Meeting May 23, 2012 N-Wave Security Update Lisa

Paul M Kane Director, Issues to think about! APTLD Members’ Meeting in Kuala Lumpur 1 – 2 March 2010 Contingency Planning.

Presentation by Paul Vine In partnership with Version Sabre and Business Continuity Planning.

Remote Access Chapter 4. Learning Objectives Understand implications of IEEE 802.1x and how it is used Understand VPN technology and its uses for securing.

1 BANK OF ALBANIA AIPS PROJECT. 2 What is AIPS? AIPS Project Implementation Plan AIPS Activities & Responsibilities AIPS Operational Security & Resilience.

1 November 2008 David Hall Sales Manager – New Business Data Centre Hosting for the M-Business.

Thomas Levy. Agenda 1.Aims: Reducing Cyber Risk 2.Information Risk Management 3.Secure Configuration 4.Network Security 5.Managing User Access 6.Education.

AT&T Response Terrorist Attack September 11, 2001 Presentation to NRIC V PJ Aduskevicz October 30, 2001 Presentation to NRIC V PJ Aduskevicz October 30,

Chapter 6 of the Executive Guide manual Technology.

Our Channel 3 The Team Liat Ivri Nadav Elkabets Orit Cittone Nir Peim.

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

Cyber Security & Fraud – The impact on small businesses.

Hosted by Why You Need a Storage Management Organization Ray Paquet Vice President & Research Director Gartner.

Session 151 Crisis Communication in a Changing Media World Session 15 Slide Deck Slide 15-

CIXPPaolo Moroni (Slide 1) SwiNOG ( ) CERN Internet Exchange Point l In Geneva, Switzerland, on the Franco-Swiss border l Co-located with the.

AXELOS.com PUBLIC Kevin Holland Service Management An example ITIL-based model for effective Service Integration and Management.

How to Sell T-Link TL250/300. T-Link Internet & Network Alarm Communicators Internet alarm communications for multi-branch Financial Institutions, Governments,

Slide 1 Filename_Vx.ppt SWIFTNet Migration DE/AT DIDUG, May 2003 Claudia König Regional Account Manager.

VPN. What is VPN An arrangement that provides connections between: An arrangement that provides connections between: –Offices –remote workers and –the.

Promoting excellence in social security Building on sector wide commonalities to enhance the benefits of Information.

The development of the market infrastructure for payment and securities handling Ramzi Hamadeh Group 2 Frankfurt am Main,

Connect communicate collaborate Research Networking: A “20/20” Vision UAE Forum in Information and Communication Technology Research 2010 Dai Davies, DANTE.

Vendor Management from a Vendor’s Perspective. Agenda Regulatory Updates and Trends Examiner Trends Technology and Solution Trends Common Issues and Misconceptions.

Crisis Management Crisis: any situation that has the potential to affect long-term confidence in an organisation or product and may interfere with its.

1 Ubuntunet Alliance Albert Nsengiyumva Deputy Chair, UbuntuNet Coordinator, RwEdNet Development Partner Meeting 10 November 2008, Lilongwe, Malawi.

OECD NETWORK MODEL: OECD Network of Parliamentary Budget Officials and Independent Fiscal Institutions Lisa von Trapp Association of Parliamentary Budget.

Global Partnership for Enhanced Social Accountability (GPESA) December 19, 2011 World Bank.

© National Bank of Belgium Exploring Frontiers in Payments Systems Development Washington DC, May 29 - June 1, 2007 Johan PISSENS Head of Oversight Unit.

SueDon Ltd - Business Continuity Management BCM Overview ©1999 SueDon Ltd Business Continuity Management.

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

SIP & How It Relates To YOUR Business. Jeff S. Olson Director of Marco Carrier Services David Bailey-Aldrich Technology.

Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.

SWIFT Business Continuity & Connectivity

Financial Services Sector Coordinating Council (FSSCC) 2011 KEY FSSCC INITIATIVES 2011 Key FSSCC Initiatives Project Name: Project Description: All-Hazards.

AEO COMPLIANCE PROGRAM Authorized Economic Operator Requirements.

Spotlight on SWIFT Community Cloud African Regional Conference - May 2016 Louise Mostert, Sophie Racquet.

Resilience best practices in the aviation field

SECURITY IN VIRTUAL PRIVATE NETWORKS PRESENTED BY : NISHANT SURESH.

Chris Lintern Co-operative Financial Services

Information Technology Sector

Cluster Communications

Wide Area Network.

CCNET Managed Services

Business Contingency Planning

John M. Felker Director, NCCIC.

Global One Communications

Presentation transcript:

Risk and Business Continuity at SWIFT Harry Newman Budapest 14 November 2007

Risk and Business Continuity Community ownership, governance, and involvement in business continuity planning Technical and operational excellence Assurance and transparency

Governance and Oversight National Bank of Belgium (lead overseer) and G-10 central banks Governance Board Board committees National groups User groups SWIFT community

Risk and Business Continuity Community ownership, governance, and involvement in business continuity planning Technical and operational excellence Assurance and transparency

Building the resilient financial infrastructure A co-ordinated approach SWIFT actions Stronger cyber security and hardened physical security Staff security procedures and enhanced vetting Service continuity improvements Crisis management Security People Service continuity Crisis mgmt

Security evolution of SWIFT services 1977 1991 1995 1996 2003 2007 Members/ Messages 239/ 15 million 430/ 365 million 5,272/ 604 million 5,511/ 688 million 7,527/ 2048 million Relationship Management BK Paper BK Disc RMA Message Authentication BK Paper BK Disc PKI HSM PKI Keys Disc Encryption STEN Cylink VPN Box Access Control ICC Cards / Card Reader PKI HSM Increased Security

Resilience across all dimensions Customer OPCs Networks SWIFT OPCs Access networks SWIFT’s backbone network Customer Resilience across all dimensions

Customer resilience SWIFTSupport Enhanced for 108 Critical Customers sending 75% of global traffic on SWIFTNet Mandate highest customer resilience Service managers perform system and process health-checks Command centre handles crisis and enforces post-incident improvement actions Dual sites and components Dual sites, components and Network Partners SWIFT’s backbone network Dual sites Single leased lines Increased customer resilience Single site SWIFT’s backbone network

Resilient IP Access Network Multi-vendor IP network managed by SWIFT Risk spread across multiple networks (AT&T, COLT, Equant, BT Infonet) 6 Backbone Access Points globally for Network Partners to connect to Swift Customers multiply connected to Swift Secure VPN overlay network Managed service 24x7 monitoring critical customers are encouraged to use multiple network partners

Swift Backbone Network Global backbone network Interconnect Swift’s OPCs and Backbone Access Points Designed for Dual Point of Failure (DPOF) resilience Resilience is built into both the backbone and the networks carried over it Full capacity for main message flow under dual failure conditions Multiple carrier trunks using separate cables Routing of circuits dealt with to the road level to avoid common points of failure for different carriers

SWIFT OPC resilience Layer 1 Day to day resiliency. Multiple connections, protected sites, built in backup within Operating Centres Layer 2 Intercontinental backup in 30 minutes in the unlikely event layer 1 fails Layer 3 Disaster Recovery Infrastructure for the extreme case where layer 2 is not enough

Crisis management to the next level SC3 - SWIFT Crisis Co-ordination and Communication COMMAND CENTRE EURO Updates SC3 SECRETARIAT SWIFT OPS US DOLLAR SC3 UK POUND SWIFT Crisis Management + OPC(s) resilience and recovery JAPANESE YEN SWISS FRANC

Customer support – 24 x 7 x 365 Americas EMEA Asia Pacific

Failure Is Not An Option FNAO culture at SWIFT Prevent Plan Incidents Learn Manage Failure Is Not An Option Slide 14

Recent history of availability results 2007 YTD Results * 2006 Result 2005 Result 2004 Result FIN Core Service 99.976% 99.996% 99.999% 99.994% SWIFTNet Core Service 99.992% 100% Note: During this period, SWIFT resilience prevented availability impact from any natural disasters, including the Taiwan earthquake in December 2006 that caused significant problems for other service providers in Asia. * Reflects YTD results through May 2007

Risk and Business Continuity Community ownership, governance, and involvement in business continuity planning Technical and operational excellence Assurance and transparency

Assurance and transparency Providing greater assurance – SAS 70

SWIFT’s on going commitment Our vision is to be global financial community's foremost messaging infrastructure that is lowest risk and highest resilience