ECB published guidance on the roles and responsibilities of the White Team in a Threat Intelligence-Based Ethical Red Teaming (TIBER-EU) test. The guidance covers the roles and responsibilities of the White Team during the preparation, testing, and closure phases of a TIBER-EU test; the composition of the White Team; the requisite skills and experience of the White Team; and the organizational aspects of the White Team.
The TIBER-EU White Team Guidance is an integral part of the TIBER-EU Framework. The TIBER-EU framework enables European and national authorities to work with financial infrastructures and institutions to put in place a program to test and improve their resilience against sophisticated cyber attacks. TIBER-EU is an instrument for red team testing, designed for use by core financial infrastructures, whether at national or at European level, which can also be used by any type or size of entity across the financial and other sectors. TIBER-EU is designed to be adopted by the relevant authorities in any jurisdiction, on a voluntary basis and from a variety of perspectives, as a supervisory or oversight tool, for financial stability purposes, or as a catalyst. So far, ECB has published guidance on implementing the TIBER-EU Framework and Guidelines for the TIBER-EU Services Procurement Guidelines.
The White Team is the team—within the entity being tested—that is responsible for the overall planning and management of the test, in accordance with the TIBER-EU Framework. The members of the White Team are the only people within the entity being tested that know that a TIBER-EU test is taking place. The White Team must ensure that the TIBER-EU test is conducted in a controlled manner, with appropriate risk management controls in place, while maximizing the learning experience for the entity. For this, the White Team must closely cooperate with the TIBER Cyber Team (TCT) from the respective authority.
Related Link: TIBER-EU White Team Guidance (PDF)
Keywords: Europe, EU, Banking, Securities, PMI, Cyber Risk, Cyber Resilience, TIBER-EU, White Team, ECB
Previous ArticleESRB Dashboard Examines Systemic Risks in EU
HM Treasury notified that, after considering all responses, the government intends to bring forward further legislation, when the Parliamentary time allows, to address issues identified in the consultation on supporting the wind-down of critical benchmarks.
EIOPA launched the 2021 stress test for the insurance sector in EU.
UK authorities jointly published the third edition of Regulatory Initiatives Grid setting out the planned regulatory initiatives for the next 24 months.
EC is requesting feedback on the proposed Commission Delegated Regulation on the content, methodology, and presentation of information that large financial and non-financial undertakings should disclose about their environmentally sustainable economic activities under the Taxonomy Regulation.
OSFI has set out the near-term priorities for federally regulated financial institutions and federally regulated private pension plans for the coming months until March 31, 2022.
Under the Italian G20 Presidency, BIS Innovation Hub and the Italian central bank BDI launched the second edition of the G20 TechSprint on the lookout for innovative solutions to resolve operational problems in green and sustainable finance.
ACPR published Version 1.0.0 of the RUBA taxonomy, which will come into force from the decree of January 31, 2022.
EBA proposed the regulatory technical standards on a central database on anti-money laundering and countering the financing of terrorism (AML/CFT) in EU.
ECB published its response to the targeted EC consultation on the review of the bank crisis management and deposit insurance framework in EU.
BCBS, CPMI, and IOSCO (the Committees) are inviting entities that participate in market infrastructures and securities markets through an intermediary as well as non-bank intermediaries to complete voluntary surveys on the use of margin calls.