Ethical hacking to boost resilience

Datum 29 november 2017

The joint Threat Intelligence Based Ethical Red Teaming (TIBER) programme aims to boost the cyber resilience of financial key institutions, including DNB itself.

Ethisch hacken voor meer cyberweerbaarheid

The financial sector is seeing ongoing digitisation. At the same time, cybercriminals are organising more and more sophisticated attacks. Although the frequency of these attacks is low, a successful attack can have a huge impact on the confidentiality, integrity and availability of payment systems. Cyber resilience is becoming increasingly important for financial institutions.

Learning together

The institutions that are part of the financial core infrastructure are already making great efforts to keep their resilience up to standard. These financial core institutions understand that they are closely knit together and that they have a shared interest in keeping their "neighbours" out of trouble. We are now also conducting a joint examination of cross-chain issues and are learning from each other by sharing best practices within the TIBER programme. The programme simulates the most sophisticated cyberattacks demanding a high level of control as critical systems are targeted in real time. Based on the latest threat information, TIBER simulates advanced cyberattacks in a controlled environment. The test results will be used to boost resilience, not only of the institution itself, but where appropriate also of fellow institutions.

TIBER-NL on tour

TIBER-NL has been designed to also allow for tests outside of the financial core infrastructure. The TIBER framework offers uniformity and guarantees quality, also in the international context. The ECB is currently developing a TIBER-EU framework, based on TIBER-NL and using elements of the British CBEST programme. This will initially be used to test the EU supervised financial market infrastructures, but other central banks can certainly use it to their advantage.

> Back to the newsletter