On 8 May 2018, the European Central Bank (“ECB”) announced the launch of a European framework for testing financial sector resilience to cyber attacks – the European Framework for Threat Intelligence-based Ethical Red Teaming (“TIBER-EU”).
The ECB says that the TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including payment systems, central securities depositories, central counterparty clearing houses, trade repositories, credit rating agencies, stock exchanges, securities settlement platforms, banks, payment institutions, insurance companies, asset management companies and any other service providers deemed critical for the functioning of the financial sector.
However, the use of TIBER-EU is voluntary. It is up to the relevant authorities and the entities themselves to determine if and when TIBER-EU based tests are performed.
Test outcomes will not be marked as ‘pass’ or ‘fail’, rather the outcome will be a report card on entities’ strengths and weaknesses as highlighted during the testing.
Miriam Everett
Partner, London
Nick Pantlin
Partner, London
Andrew Moir
Partner, Intellectual Property and Head of Cyber Security and Data, London
Claire Wiseman
Knowledge Lawyer, London
Key contacts
Miriam Everett
Partner, London
Nick Pantlin
Partner, London
Andrew Moir
Partner, Intellectual Property and Head of Cyber Security and Data, London
Claire Wiseman
Knowledge Lawyer, London
Disclaimer
The articles published on this website, current at the dates of publication set out above, are for reference purposes only. They do not constitute legal advice and should not be relied upon as such. Specific legal advice about your specific circumstances should always be sought separately before taking any action.