On 17 December 2018, the European Central Bank (ECB) published guidance on a white team’s roles and responsibilities in a TIBER-EU test.
The Threat Intelligence-based Ethical Red Teaming (TIBER-EU) Framework enables European and national authorities to work with financial infrastructures and institutions to put in place a programme to test and improve their resilience against sophisticated cyberattacks. Due to the inherent risks associated with red team testing, TIBER-EU includes, as a key element for risk management, the use of the most competent, qualified and skilled threat intelligence and red team providers with the necessary experience to conduct red team tests. Earlier this year the ECB published the TIBER-EU Framework Services Procurement Guidelines. These guidelines set out the requirements and standards that must be met by threat intelligence and red team providers to deliver recognised TIBER-EU tests (our blog is here).
A white team is the team within the entity being tested that is responsible for the overall planning and management of the test, in accordance with the TIBER-EU Framework. The guidance now published by the ECB covers the:
- roles and responsibilities of the white team during the preparation, testing and closure phases of a TIBER-EU test;
- composition of the white team;
- requisite skills and experience of the white team; and
- organisational aspects of the white team.
The ECB states that when an authority adopts TIBER-EU, tests will only be considered TIBER-EU tests when they are conducted in accordance with the TIBER-EU Framework, including the TIBER-EU Services Procurement Guidelines and the TIBER-EU White Team Guidance.