ECB published the European framework for Threat Intelligence-Based Ethical Red Teaming (TIBER-EU). TIBER-EU is the first Europe-wide framework for controlled and bespoke tests against cyber attacks in the financial market. This framework enables European and national authorities to work with financial entities to put in place a program to test and improve their resilience against sophisticated cyber attacks.
The TIBER-EU framework facilitates a harmonized European approach toward intelligence-led tests which mimic the tactics, techniques, and procedures of real hackers who can be a genuine threat. TIBER-EU-based tests simulate a cyber attack on an entity’s critical functions and underlying systems, such as its people, processes, and technologies. This helps the entity to assess its protection, detection, and response capabilities against potential cyber attacks, thus enabling it to learn and evolve to a higher level of cyber maturity. The TIBER-EU framework has been designed for national and European authorities and entities that form the core financial infrastructure, including entities with cross-border activities which fall within the regulatory remit of several authorities. The framework can be used for any type of financial-sector entity. For the purposes of the TIBER-EU framework, entities include payment systems, central securities depositories, central counterparty clearing houses, trade repositories, credit rating agencies, stock exchanges, securities settlement platforms, banks, payment institutions, insurance companies, asset management companies and any other service providers deemed critical for the functioning of the financial sector.
Keywords: Europe, EU, Banking, Insurance, Securities, PMI, Cyber Risk, TIBER-EU, Cyber Resilience, ECB
Previous ArticleEIOPA Publishes Report on Oversight Activities in 2017
HKMA is consulting on revisions to the Supervisory Policy Manual module CR-G-14 on margin and other risk mitigation standards for non-centrally cleared over-the-counter (OTC) derivatives transactions.
PRA provided further information on the application of regulatory capital and IFRS 9 requirements to payment holidays granted or extended to address the challenges arising from COVID-19 outbreak.
HKMA announced the publication of a report on fintech adoption and innovation in the banking industry in Hong Kong.
BIS published a working paper that examines the drivers of cyber risk, especially in context of the cloud services.
ECB launched consultation on a guide specifying how the Banking Supervision expects banks to consider climate-related and environmental risks in their governance and risk management frameworks and when formulating and implementing their business strategy.
ECB published an opinion (CON/2020/16) on amendments to the prudential framework in EU in response to the COVID-19 pandemic.
EBA published a report that examines the interlinkages between recovery and resolution planning under the Bank Recovery and Resolution Directive (BRRD).
SRB published the final Minimum Requirements for Own Funds and Eligible Liabilities (MREL) policy under the Banking Package.
US Agencies (FDIC, FED, and OCC) published a final rule that makes technical changes to the March 31, 2020 interim final rule that provides a five-year transition period for the impact of the current expected credit loss (CECL) methodology on regulatory capital.
ECB published results of the March 2020 survey on credit terms and conditions in euro-denominated securities financing and over-the-counter (OTC) derivatives markets.