On 8 May 2018, the European Central Bank (“ECB”) announced the launch of a European framework for testing financial sector resilience to cyber attacks – the European Framework for Threat Intelligence-based Ethical Red Teaming (“TIBER-EU”).
The ECB says that the TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including payment systems, central securities depositories, central counterparty clearing houses, trade repositories, credit rating agencies, stock exchanges, securities settlement platforms, banks, payment institutions, insurance companies, asset management companies and any other service providers deemed critical for the functioning of the financial sector.
However, the use of TIBER-EU is voluntary. It is up to the relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed.
Test outcomes will not be marked as ‘pass’ or ‘fail’, rather the outcome will be a report card on entities’ strengths and weaknesses as highlighted during the testing.
Andrew Moir
Partner, Intellectual Property and Global Head of Cyber & Data Security, London
Key contacts
Andrew Moir
Partner, Intellectual Property and Global Head of Cyber & Data Security, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.