TIBER - Threat Intelligence-based Ethical Red Teaming
Developed by the European Central Bank, the TIBER-EU framework is the first EU-wide guide on how authorities, entities and threat intelligence and red-team providers should work together to test and improve the cyber resilience of entities by carrying out a controlled cyberattack. The tests allow your organization to quantify and thus reduce the impact of potential cyberattacks.
Roles and Responsibilities
The main participants in a TIBER-EU test are assigned to one of five different teams:
- blue team
- threat intelligence provider
- red team provider
- white team
- TIBER cyber team
What is the role of the red team?
Compass' red team carries out the simulated attack by attempting to compromise the critical functions of the entity by mimicking a cyber attacker and aiming to fulfill pre-defined missions. Red teaming operations have the main goal of measuring, training and improving blue team's ability to detect, protect and react when your organization is facing a real attack.
Example of a red team szenario: Simulated cyber attack with the goal of compromising the critical functions of the organization.
Through the multi-layered tests at all levels (technology, people, physical), organizations receive unfiltered insights in whether invests in cyber security are really effective.
Find out more about Compass' read teaming services: Details Red Teaming
TIBER Implementation in Germany
In order to tailor TIBER tests for the German financial sector, both the Deutsche Bundesbank and the Federal Ministry of Finance decided to implement the European framework as TIBER-DE in Germany. The implementation document has now been published on the website of the Deutsche Bundesbank: Cyber resilience of the financial system