TIBER: working together against cybercrime
The financial sector is working together in the TIBER-NL programme to improve its resilience against cyber attacks. TIBER-NL is coordinated by the Cyber Unit of De Nederlandsche Bank (DNB).
Test attacks to assess resilience
TIBER is short for threat intelligence-based ethical red teaming. Financial institutions use the TIBER programme to test their resilience against sophisticated cyberattacks. They do so by staging test attacks, which are based on realistic threats. These test attacks are performed by cybersecurity companies and supervised by DNB. Institutions cannot pass or fail these tests: the aim is to gain insight into their strengths and weaknesses and to identify areas for improvement. Institutions share their experiences and improvement plans with each other. This way, the whole sector can benefit from these tests.
DNB was the first central bank to undertake this type of testing in 2016. Based on our approach, the European Central Bank (ECB) and the other central banks in the European Union (EU) have drawn up the TIBER-EU Framework. Twelve EU Member States are now using this framework, working together in the TIBER-EU Knowledge Centre.
How a test works
TIBER-NL tests mimic the tactics, techniques and procedures of real hacker groups. The test is performed on the basis of specific threats to the institution. It involves a controlled attack on the critical functions of the institution and its underlying systems and services. People, processes and IT infrastructure may also be targeted. The fact that a test attack is taking place is only known to a few people at the institution. The aim of the test is always to enable the institution to learn and improve.
TIBER programme target group
The TIBER-NL programme was originally intended for institutions in the core financial infrastructure, such as large banks and payment institutions. We are now also using it for the main pension providers and insurers. The TIBER-NL framework can also be used in other critical sectors, such as healthcare, telecom and energy.
- TIBER-NL Guide. Here you can read how the TIBER Framework is applied in the Netherlands.
- TIBER-EU Services Procurement Guidelines. These guidelines describe how financial institutions select and purchase the services of cybersecurity companies. The guidelines also apply to Dutch tests.
- TIBER-EU White Team Guidance. This guidance explains how institutions can set up a white team. It also applies to Dutch institutions.
- TIBER-EU Framework
There are templates and guidelines for all the different phases of a test. You can download them below: