A More Business-centric Approach to help Reduce Business Continuity Risk.
Slide 1 Risk and Business Continuity Risk and Business Continuity at SWIFT Harry Newman Budapest 14...
-
date post
18-Dec-2015 -
Category
Documents
-
view
214 -
download
0
Transcript of Slide 1 Risk and Business Continuity Risk and Business Continuity at SWIFT Harry Newman Budapest 14...
Slide 1
Risk and Business Continuity
Risk and Business Continuity at SWIFT
Harry NewmanBudapest 14 November 2007
Slide 2 Risk and Business Continuity
Risk and Business Continuity
Community ownership, governance, and involvement in business continuity planning
Technical and operational excellence Assurance and transparency
Slide 3 Risk and Business Continuity
Governance and Oversight
Oversight
Governance
National Bank of Belgium (lead overseer)and G-10 central banks
Board
Board committees
National groups
User groups
SWIFTcommunity
Slide 4 Risk and Business Continuity
Risk and Business Continuity
Community ownership, governance, and involvement in business continuity planning
Technical and operational excellence Assurance and transparency
Slide 5 Risk and Business Continuity
Building the resilient financial infrastructureA co-ordinated approach
SWIFT actions Stronger cyber security and
hardened physical security Staff security procedures
and enhanced vetting Service continuity
improvements Crisis management
Se
curi
ty
Pe
ople
Se
rvic
e co
ntin
uity
Cri
sis
mg
mt
Slide 6 Risk and Business Continuity
Security evolution of SWIFT services
Message Authentication
1977 1991 1995 20031996 2007
RelationshipManagement
BK Paper BK Disc RMA
BK Paper BK Disc PKI HSM
Encryption STEN Cylink VPN Box
Access Control ICC Cards / Card Reader PKI HSM
Increased Security
PKI Keys Disc
Members/Messages
239/15 million
430/365 million
5,272/604 million
5,511/688 million
7,527/2048 million
Slide 7 Risk and Business Continuity
Resilience
Customer OPCs Networks
Customer
SWIFT’sbackbonenetwork
Access networks
Resilience across all dimensions
SWIFT OPCs
Slide 8 Risk and Business Continuity
SWIFT’sbackbonenetwork
SWIFT’sbackbonenetwork
Customer resilience
Mandate highest customer resilience
Service managers perform system and process health-checks
Command centre handles crisis and enforces post-incident improvement actions
Single site
Dual sitesSingle leased lines
Dual sitesand components
Dual sites, componentsand Network Partners
SWIFTSupport Enhanced for 108 Critical Customerssending 75% of global traffic on SWIFTNet
Customer OPCs Networks
SWIFT’sbackbonenetwork
Access networks
SWIFT OPCs
Increased customer resilience
Slide 9 Risk and Business Continuity
Resilient IP Access Network
Multi-vendor IP network managed by SWIFT Risk spread across multiple networks
(AT&T, COLT, Equant, BT Infonet) 6 Backbone Access Points globally for Network
Partners to connect to Swift Customers multiply connected to Swift Secure VPN overlay network Managed service 24x7 monitoring
critical customers are encouraged to use
multiple network partners
Slide 10 Risk and Business Continuity
Swift Backbone Network
Global backbone network Interconnect Swift’s OPCs and Backbone Access
Points Designed for Dual Point of Failure (DPOF) resilience
– Resilience is built into both the backbone and the networks carried over it
– Full capacity for main message flow under dual failure conditions
Multiple carrier trunks using separate cables– Routing of circuits dealt with to the road level to
avoid common points of failure for different carriers
Slide 11 Risk and Business Continuity
Layer 1Day to day resiliency. Multiple connections,
protected sites, built in backup within Operating Centres
Layer 1Day to day resiliency. Multiple connections,
protected sites, built in backup within Operating Centres
Layer 2Intercontinental backup in 30 minutes in the
unlikely event layer 1 fails
Layer 2Intercontinental backup in 30 minutes in the
unlikely event layer 1 fails
Layer 3Disaster Recovery Infrastructure
for the extreme case where layer 2 is not enough
Layer 3Disaster Recovery Infrastructure
for the extreme case where layer 2 is not enough
SWIFT OPC resilienceCustomer OPCs Networks
SWIFT’sbackbonenetwork
Access networks
SWIFT OPCs
Slide 12 Risk and Business Continuity
Crisis management to the next level
SWIFT OPSSWIFT OPS
COMMAND CENTRE
COMMAND CENTRE
SC3SECRETARIAT
SC3SECRETARIAT
SC3SC3
EUROEURO
US DOLLARUS DOLLAR
JAPANESE YEN
JAPANESE YEN
UK POUNDUK POUND
SWISS FRANCSWISS FRANC
Updates
SC3 - SWIFT Crisis Co-ordination and Communication
SWIFT Crisis Management
+OPC(s) resilience
and recovery
Slide 13 Risk and Business Continuity
EMEAAsia Pacific
Americas
Customer support – 24 x 7 x 365
Slide 14 Risk and Business Continuity
FNAO culture at SWIFT
Prevent
Plan
Manage
LearnIncidents
Failure Is Not An Option
Slide 14
Slide 15 Risk and Business Continuity
Recent history of availability results
2007 YTD 2007 YTD Results *Results *
2006 2006 ResultResult
2005 2005 ResultResult
2004 2004 ResultResult
FIN Core ServiceFIN Core Service 99.976% 99.996% 99.999% 99.994%
SWIFTNet Core ServiceSWIFTNet Core Service 99.992% 100% 99.999% 99.994%
Note: During this period, SWIFT resilience prevented availability impact from any natural disasters, including the Taiwan earthquake in December 2006 that caused significant problems for other service providers in Asia.
* Reflects YTD results through May 2007
Slide 16 Risk and Business Continuity
Risk and Business Continuity
Community ownership, governance, and involvement in business continuity planning
Technical and operational excellence Assurance and transparency
Slide 17 Risk and Business Continuity
Assurance and transparencyProviding greater assurance – SAS 70
Slide 18 Risk and Business Continuity
Our vision is to be global financial community's foremost messaging infrastructure that is lowest risk and highest resilience
SWIFT’s on going commitment