In its role as a banking supervisor, the European Central Bank (ECB) asks the largest euro area banks to report significant cyber incidents as soon as they detect them. This helps the ECB identify and monitor trends in cyberattacks, which puts it in a position to react more swiftly to a potential crisis caused by a cyberattack.

The Threat Intelligence-based Ethical Red Testing (TIBER-EU) Framework enables European and national authorities to work with financial infrastructures and institutions to put in place a programme to test and improve their resilience against sophisticated cyberattacks.

Because red team testing carries inherent risks, TIBER-EU treats as a key element of risk management the use of the most competent, qualified and skilled threat intelligence and red team providers, with the necessary experience to conduct red team tests.

Consequently, the ECB has now published the TIBER-EU Framework Services Procurement Guidelines. These guidelines:

  • set out the requirements and standards that must be met by threat intelligence and red team providers to deliver recognised TIBER-EU tests;
  • offer guiding principles and selection criteria for entities, as they look to procure services from prospective providers; and
  • provide questions and agreement checklists that could be used when entities undertake their due diligence and look to formalise the procurement process with the threat intelligence (TI) and red team (RT) providers.