05.03.2018

ECB Publishes Framework For Testing Cybersecurity

05.03.2018
  • TIBER-EU is the first European framework for controlled cyber hacking to test resilience of financial market entities
  • Framework facilitates testing for cross-border entities under oversight of several authorities
  • Goals are to help entities gain insight about their protection, detection and response capabilities and to help them fighting cyber attacks

The European Central Bank (ECB) today publishes the European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), which is the first Europe-wide framework for controlled and bespoke tests against cyber attacks in the financial market.

The TIBER-EU framework facilitates a harmonised European approach towards intelligence-led tests which mimic the tactics, techniques and procedures of real hackers who can be a genuine threat. TIBER-EU based tests simulate a cyber attack on an entity’s critical functions and underlying systems, such as its people, processes and technologies. This helps the entity to assess its protection, detection and response capabilities against potential cyber attacks.

The TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including entities with cross-border activities which fall within the regulatory remit of several authorities. The framework can be used for any type of financial sector entity, as well as entities in other sectors.

It is up to the relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed. Tests will be tailor-made and will not result in a pass or fail – rather they will provide the tested entity with insight into its strengths and weaknesses, and enable it to learn and evolve to a higher level of cyber maturity.

Source: ECB

Related articles

  1. Cybersecurity Still a Work in Progress

    Brokers need to bolster protection against the "account intrusion" threat.

  2. The Crypto Assets and Cyber Unit in the Division of Enforcement will grow to 50 dedicated positions.

  3. Cyber-Criminals Target Wall Street

    Participants included over 1,000 representatives from more than 20 countries.

  4. Cyber-Criminals Target Wall Street

    COVID-19 pandemic and geopolitical tensions round out the top three threats in DTCC survey.

  5. Cyber Security Looms Large at Sibos

    The Australian regulator concluded its investigation into the ASX equity market outage in November 2020.