The European Central Bank (ECB) has published European framework for testing the financial sectors’ resilience to cyber attacks.
The European Framework for Threat Intelligence-based Ethical Red Teaming (TIBER-EU) claims to the first Europe-wide framework for controlled and bespoke tests against cyber attacks.
TIBER-EU framework facilitates a ‘harmonised European approach’ towards intelligence-led tests which mimic the tactics, techniques and procedures of real hackers who can be a genuine threat.
The tests simulate a cyber attack on an entity’s critical functions and underlying systems, such as its people, processes and technologies, which will help assess the entity’s protection, detection and response capabilities.
It has been designed for national and European authorities and entities that form the ‘core financial infrastructure’, including entities with cross-border activities which fall within the regulatory remit of several authorities. The framework can be used for any type of financial sector entity, as well as entities in other sectors.
ECB said: “It is up to the relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed. Tests will be tailor-made and will not result in a pass or fail – rather they will provide the tested entity with insight into its strengths and weaknesses, and enable it to learn and evolve to a higher level of cyber maturity.”
Earlier this month, The European Central Bank and the Bank of England said they will bring together a working group on Brexit-related risks.
ECB and BoE said they will convene a technical working group on risk management in the period around 30 March 2019 in the area of financial services. The group, which will be chaired by the president of the ECB and the Governor of the Bank of England, will see The European Commission and HM Treasury attend as observers. Other relevant authorities will be invited on an issue-specific basis.
According to recent research from RegTech Analyst, cybersecurity investments declined in Q1 2018. Total investment in Q1 2018 reached just $725.8m, a fall of 47.7% from the previous quarter. However, compared to the same quarter in 2017, total funding increased by 27%. The drop in investment in Q1 2018 can be attributed to a lack of later-stage deals valued above $100m.
Copyright © 2018 RegTech Analyst
Copyright © 2018 RegTech Analyst
