ECB Publishes European Framework For Testing Financial Sector Resilience To Cyber Attacks


Thursday, April 03, 2018   08.40AM / ECB  



·    TIBER-EU is the first European framework for controlled cyber hacking to test resilience of financial market entities

·     Framework facilitates testing for cross-border entities under oversight of several authorities

·    Goals are to help entities gain insight about their protection, detection and response capabilities and to help them fighting cyber attacks

The European Central Bank (ECB) today publishes the European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU), which is the first Europe-wide framework for controlled and bespoke tests against cyber attacks in the financial market. 

The TIBER-EU framework facilitates a harmonised European approach towards intelligence-led tests which mimic the tactics, techniques and procedures of real hackers who can be a genuine threat. TIBER-EU based tests simulate a cyber attack on an entity’s critical functions and underlying systems, such as its people, processes and technologies. This helps the entity to assess its protection, detection and response capabilities against potential cyber attacks. 

The TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including entities with cross-border activities which fall within the regulatory remit of several authorities. The framework can be used for any type of financial sector entity, as well as entities in other sectors. 

It is up to the relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed. Tests will be tailor-made and will not result in a pass or fail – rather they will provide the tested entity with insight into its strengths and weaknesses, and enable it to learn and evolve to a higher level of cyber maturity.


·    For the purposes of the TIBER-EU framework, entities include payment systems, central securities depositories, central counterparty clearing houses, trade repositories, credit rating agencies, stock exchanges, securities settlement platforms, banks, payment institutions, insurance companies, asset management companies and any other service providers deemed critical for the functioning of the financial sector.

·     The ECB promotes the safety and efficiency of payment, clearing and settlement systems in the euro area under its oversight mandate, guided by oversight regulations, standards, guidelines and expectations. At Eurosystem level, the ECB is the competent authority for the systemically important payment systems in the euro area: TARGET2, EURO1 and STEP2-T, and is the lead overseer for TARGET2-Securities; oversight of other payment systems lies with the national central banks.

Proshare Nigeria Pvt. Ltd. 

Related News

1.       UK Cryptocurrency Industry Urges MPs To Back Plans For Regulation

2.      New York Attorney General's Office Launches Inquiry Into Cryptocurrency Trading Platforms

3.      Bank of England Explores Centralized DLT System Open To Regulatory Oversight, Releases PoC

4.   Central Bank of Kenya Starts Implementation of Interoperability of Mobile Phone Financial Services

5.      South Africa’s Central Bank To Establish Self-Regulatory Body To Oversee Crypto Industry

6.      US SEC Breaks Silence On Certain Cryptocurrency Exchanges

7.      MAS And Financial Industry To Develop Guidance On Responsible Use Of Data Analytics

8. Japan Exchange Regulation: Introduction Of Artificial Intelligence To Market Surveillance Operations

9.    Fair Dealing in Advertising: Guidance For Crowdfunding And Peer- to-Peer Lending Published (NZ)

10.  SEC Publishes New Guidance On Cybersecurity Disclosures And Compliance Practice

11.   Establishment of the Euro Cyber Resilience Board for Pan-European Financial Infrastructures

12.  New Malaysian Cryptocurrency Regulation Come Into Effect

13.  Technology and Innovation Support Centre Inaugurated

14.  Again, CBN Warns on Virtual Currencies

Related News