On 2 May 2018, the European Central Bank (ECB) published the European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), which is the first Europe-wide framework for controlled and bespoke tests against cyber-attacks in the financial markets.
TIBER-EU based tests simulate a cyber-attack on an entity’s critical functions and underlying systems, such as its people, processes and technologies. This helps the entity to assess its protections, detection and response capabilities against potential cyber-attacks.
It is up to relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed. Tests will be tailor-made and will not result in a pass or fail – rather they will provide the tested entity with insight into its strengths and weaknesses, and enable it to learn and evolve to a higher level of cyber-maturity.