ECB published the European framework for Threat Intelligence-Based Ethical Red Teaming (TIBER-EU). TIBER-EU is the first Europe-wide framework for controlled and bespoke tests against cyber attacks in the financial market. This framework enables European and national authorities to work with financial entities to put in place a program to test and improve their resilience against sophisticated cyber attacks.
The TIBER-EU framework facilitates a harmonized European approach toward intelligence-led tests which mimic the tactics, techniques, and procedures of real hackers who can be a genuine threat. TIBER-EU-based tests simulate a cyber attack on an entity’s critical functions and underlying systems, such as its people, processes, and technologies. This helps the entity to assess its protection, detection, and response capabilities against potential cyber attacks, thus enabling it to learn and evolve to a higher level of cyber maturity. The TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including entities with cross-border activities which fall within the regulatory remit of several authorities. The framework can be used for any type of financial-sector entity. For the purposes of the TIBER-EU framework, entities include payment systems, central securities depositories, central counterparty clearing houses, trade repositories, credit rating agencies, stock exchanges, securities settlement platforms, banks, payment institutions, insurance companies, asset management companies and any other service providers deemed critical for the functioning of the financial sector.
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cyber Risk, TIBER-EU, Cyber Resilience, ECB
Previous ArticleEIOPA Publishes Report on Oversight Activities in 2017
BoE published a statistical notice (Notice 2020/9) explaining the approach for treatment of payment holidays on the profit and loss return or Form PL.
BoE updated the known issues document for the statistical reporting Forms AS and FV.
BIS published an update on the G20 TechSprint Initiative, which was launched in April 2020 and aims to highlight the potential for technologies to resolve regulatory compliance (regtech) and supervisory (suptech) challenges.
FED announced individual capital requirements for 34 large banks and these requirements go into effect on October 01, 2020.
SRB published a set of documents to give operational guidance to banks on implementation of the bail-in tool.
OSFI published a letter that provides an update on the milestones for the implementation of the IFRS 17 standard on insurance contracts.
EBA updated the report on the implementation of selected COVID-19 policies.
The Financial Stability Institute (FSI) of BIS published a brief note that examines the supervisory challenges associated with certain temporary regulatory relief measures introduced by BCBS and prudential authorities in response to the COVID-19 pandemic.
BCBS is consulting on the principles for operational resilience and the revisions to the principles for sound management of operational risk for banks.
BoE updated the reporting template for Form ER as well as the Form ER definitions, which contain guidance on the methodology to be used in calculating annualized interest rates.