Societe Generale

Societe Generale is a major European financial services group with a global presence, offering a wide range of banking, financial advisory, and investment services.

Needs

Societe Generale needed to enhance its SWIFT infrastructure's cyber resilience to meet stringent regulatory requirements from the ECB and FCA, including stress testing for cyberattack recovery. Concurrently, they aimed to align their digital operational resilience with the new DORA (Digital Operational Resilience Act) EU Regulation 2025, focusing on risk assessment, incident response, and third-party risk management within their Azure Cloud and Private Cloud environments.

Solution

A SWIFT Cyber Resilience framework was architected on Microsoft Azure. This involved deploying SWIFT Alliance with Thales HSMs, leveraging Azure Key Vault for encryption key management (data solution), Azure ExpressRoute for secure co-location connectivity (integration solution), Azure Firewall, Azure Bastion, and Microsoft Defender for Cloud for robust security. For DORA compliance, a comprehensive risk assessment was conducted. Azure services like Azure Entra ID (Azure AD) for identity management, Azure PAM for privileged access, Azure Sentry for real-time error monitoring, and Azure Defender for cloud workload protection (data science for security/monitoring) were integral. A multi-cloud (Azure, AWS, Private Cloud) Landing Zone for Certificate Authority Infrastructure was also established using AWS Private CA.

Achievements

  • SWIFT Cyber Resilience: Implemented a resilient SWIFT infrastructure on Azure, meeting ECB/FCA stress test requirements. Utilized Thales HSM, Azure Key Vault, ExpressRoute, Azure Firewall.

  • DORA Compliance Framework: Established a framework for DORA, including risk assessments (data solution for risk data), incident response plans, and third-party risk management, leveraging Azure security services.

  • Azure/AWS Cybersecurity: Deployed Certificate Authority Infrastructure on AWS Private CA and established Landing Zones across Azure, AWS, and Private Cloud. Led enforcement of a NIST-based cybersecurity framework, integrated Azure CyberArk, and utilized Azure Sentry and Azure Defender for real-time monitoring and application protection (data science).

  • Multi-Cloud Strategy: Developed and guided a large-scale multi-cloud strategy for private and public clouds, educating on emerging technologies like Generative AI.

Benefits

  • Strengthened Cyber Resilience: Significantly improved recovery capabilities from cyberattacks on critical SWIFT infrastructure.

  • Enhanced Regulatory Compliance: Achieved alignment with ECB, FCA, and DORA requirements.

  • Improved Security Posture: Implemented advanced Azure security services (Defender, Sentry, Entra ID) and a NIST-based framework.

  • Operational Efficiency: Simplified cybersecurity operations through Azure's integrated security features and automation.