A&O Shearman | FinReg | ECB updates TIBER-EU framework to align with DORA RTS on TLPT
Financial Regulatory Developments Focus
  • ECB updates TIBER-EU framework to align with DORA RTS on TLPT

    11 February 2025
    The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA) RTS on threat-led penetration testing (TLPT) (see item above). The ECB also published a news item on the updated framework.

    The TIBER-EU framework enables EU and national authorities to work with financial and other entities to put in place a programme to test and improve their resilience against sophisticated cyber-attacks. It also sets out detailed guidance on how to complete DORA TLPT in a qualitative, controlled and safe manner, applying a uniform approach across the EU. The updates introduced in the framework include: (i) aligning the process steps with the deliverables derived from the DORA RTS on TLPT; (ii) specifying purple-teaming as mandatory under TIBER-EU, as prescribed in the DORA RTS; (iii) introducing terminological changes to ensure consistency with DORA terminology, e.g., "White Team" to "Control Team"; (iv) providing advice on how to assess the quality of a provider in the updated Guidance for Service Provider Procurement; (v) moving away from the requirement for authorities that want to implement TIBER-EU to publish a full national implementation guide, so that authorities can instead refer to the adoption of the TIBER-EU documentation and publish a short implementation document described in the framework; and (vi) establishing TIBER-EU guidance documents to facilitate the implementation of different parts of the framework and to ensure a secure and controlled TLPT execution.
