SWIFT is a global provider of secure financial messaging services that connects thousands of banks, financial institutions and corporations all over the world. However, it does not monitor or control the messages that users send through its system. So, all issues with privacy and compliance with SWIFT security controls rest with the financial institutions handling them, and their competent international and national authorities.
The SWIFT Customer Security Controls Framework describes a set of both mandatory and advisory security controls for all SWIFT customers. Here is a quick overview of how LogSentinel SIEM can help all kinds of financial institutions achieve compliance and cover both the mandatory and advisory requirements.
Mapping between SWIFT Customer Security Controls Framework 1.0 and LogSentinel SIEM Functionalities
# | Requirement | LogSentinel SIEM Functionalities |
1 | 1.2 Operating System Privileged Account Control (Mandatory) | |
Control Objective: Restrict and In-scope components: Risk Drivers: | LogSentinel SIEM uses blockchain technology and stores the logs for every single action in a private blockchain, including the logs tracking the usage of administrator-level operating system accounts. Thus, it ensures that the logs are not modified, altered or deleted. Also, there is no opportunity for an attacker to use the privileges of the administrator-level account as part of an attack. In order to prevent deletion of logs and forensic evidence, excess privilege of access, and unauthorized system changes (especially from administrators and users with PAM rights), LogSentinel SIEM supports the option LogSentinel SIEM has a built-in anomaly detection that monitors all accesses and actions of the administrator-level accounts. In case of an abusive usage of the | |
2 | 2.1 Internal Data Flow Security (Mandatory) | |
Control Objective: Ensure the In-scope components: Risk Drivers: | LogSentinel SIEM provides complete data confidentiality, integrity, and authenticity for all information stored • Pushing hashes, representing the complete state of all data, to external stakeholders via e-mail or text message. LogSentinel SIEM ensures that it is technically impossible to breach data integrity, confidentiality and authenticity without detection. | |
3 | 2.4A Back-office Data Flow Security (Advisory) | |
Control Objective: Ensure the In-scope components: Risk Drivers: | LogSentinel SIEM protects the confidentiality, integrity, and authenticity of data by cryptographic means based on blockchain. It ensures that it is technically impossible to breach data integrity, confidentiality and authenticity without detection. | |
4 | 2.6A Operator Session Confidentiality and Integrity (Advisory) | |
Control Objective: Protect the In-scope components: Risk Drivers: | LogSentinel SIEM provides functionalities for storing logs of all events or activity in the IT systems, including the operator sessions connecting to the local SWIFT infrastructure. LogSentinel SIEM ensures complete data integrity and confidentiality for all information stored within the solution by utilizing blockchain technology. LogSentinel SIEM provides a secure audit trail that stores information about who did what and when. All of that data can be reviewed through the intuitive dashboard. | |
5 | 5.1 Logical Access Control (Mandatory) | |
Control Objective: Enforce the In-scope components: Risk Drivers: | LogSentinel SIEM provides functionalities for storing logs of all events or activity in the IT systems. Anomaly detection functionalities can be used to comprehensively monitor for unusual behavior in system activity. LogSentinel SIEM has an intuitive dashboard that lets you drill down to a specific timeframe, users or actions. | |
6 | 5.4A Physical and Logical Password Storage (Advisory) | |
Control Objective: Protect In-scope components: Accounts and passwords defined on the following • SWIFTNet Online Operations Manager and swift.com Risk Drivers: | LogSentinel SIEM can log: All of these logs will be stored in an unmodifiable way based on blockchain technology. Thus, LogSentinel SIEM guarantees that only authorized people have accessed the passwords. | |
7 | 6.3 Database Integrity (Mandatory) | |
Control Objective: Ensure the In-scope components: Risk Drivers: | LogSentinel SIEM can store and monitor all logs related to database changes and modification. The logs can’t The anomaly detection module sends immediate alerts in case of an identified security event to guard against unexpected modification of records stored within the database. | |
8 | 6.4 Logging and Monitoring (Mandatory) | |
Control Objective: Record In-scope components: Risk Drivers: | LogSentinel SIEM logs every user or system event, storing the logs in a private blockchain and displaying them in its dashboard for easy monitoring and management. LogSentinel SIEM has built-in capabilities for detecting anomalous behavior. On top of that, the following event logs can be stored in one place, |
The financial sector is heavily regulated, and apart from the SWIFT security controls, we have previously shown you how LogSentinel SIEM can also help you cover compliance with other crucial regulations such as the new PSD2 requirements and the General Data Protection Regulation, for example.
In case you would like to get compliance out of the way, talk to us today and let us help you protect not just your messaging processes but all your sensitive data across all the systems in your organisation.

Denitsa is a Digital Marketing Analyst at LogSentinel with strong interest in the field of Information Security. She has 5 years of valuable experience in the field of Digital Marketing and Public Relations. Denitsa holds a degree in Journalism from Birmingham City University and has passed various Digital Marketing masterclasses and courses.