The FINSEC integrated platform has been deployed in banking environments, as a means of protecting the cyber and physical assets that comprise the SWIFT networking infrastructure. The platform is used to monitor physically the computer room where the SWIFT ecosystem resides. It reports abnormal behavior, as well as unusual sequences of events that are associated with the use of the SWIFT network. To this end, cyber operations associated with SWIFT HSM administration operation (e.g., establishment of secure SSH connections) are correlated with every incident of physical access to the computer room. Likewise, the cyber operations that are associated with SWIFT transactions (e.g., transmission of transactions via the network) are monitored for potential abnormalities.
Information about the monitored assets are displayed in the FINSEC Dashboard. Likewise, alerts associated with the detection of abnormal situations are visualized.
Innovation
The main innovation of the solution lies in its adaptive nature. Deployers of the security monitoring infrastructures can access richer information when needed (e.g., upon the detection of a security indicator). At the same time, the solution provides less information in its regular operation in order to economize on storage and bandwidth resources.