Red Teams are an increasingly popular form of defence and are essential to complying with the TIBER-EU framework.
Every entity from banks and investment firms, to regulatory and credit agencies find themselves in a perpetual state of readiness when it comes to cyber security. The sensitive nature of the data stored on the organisations’ servers fetches top dollar on the Dark Web, and governments are doing everything in their power to ensure stolen information never reaches it.
The Threat Intelligence-Based Ethical Red Teaming for the European Union (TIBER-EU) framework is the European Central Bank’s (ECB) answer for an industry that can’t afford to have any questions surrounding its cyber security effectiveness.
What is the TIBER-EU framework?
TIBER-EU is a non-compulsory framework that’s designed as the new standard in regard to threat intelligence gathering and cyber resilience fortification in the financial services industry. It’s conducted intelligence-led red team assessments.
The goal is to help businesses with critical infrastructure test the effectiveness of their cyber security defences in real-time against malicious threat actors. It’s expected to garner high adoption rates among sectors that include, but aren’t limited to:
TIBER-EU establishes a formal EU-based directive as to how companies should source and conduct an intelligence-led red team assessment. The strategy hinges on red teams attacking live systems and processes so that the business can better understand its detection and remediation capabilities in light of an actual attack.
The penetration testing process set by TIBER-EU contains three phases:
Organisations with locations in multiple countries across the EU will be able to conduct just one test in a single location, and then apply those findings throughout their other sites. The framework is voluntary in nature, but the rapidly evolving techniques used by hackers is expected to boost adoption rates so that businesses can provide compliance and that due diligence was has been observed.
Why is the TIBER-EU framework important?
The TIBER-EU framework arrives two years after hackers stole $81 million – short of their $1 billion target – from Bangladesh Bank in 2016. The criminals were able to gain employee credentials so that they could manipulate the Society for Worldwide Interbank Financial Telecommunication (SWIFT) system, which allowed them to send fraudulent wire transfers to a series of other banks.
It’s a case that serves as a stark reminder of the economic magnitude that a successful hacking attempt could have on a financial services business and the country it resides in. The industry is the leading target for cyber criminals, according to the IBM X-Force Threat Intelligence Index 2018.
Researchers found:
Although there are several frameworks and regulations that promote setting world-class cyber security standards in the financial sector, they only briefly touch on taking an active approach to testing how the systems hold up in light of an actual attack.
Intelligence-led red team assessments enable financial institutions to evaluate their ability to identify hacking attempts and quickly respond to them. TIBER-EU provides well respected guidelines to help firms achieve the best results and supports a standard for threat intelligence sharing.
The new frame has the potential to produce a significant positive impact on the security of countries’ finances by equipping institutions with the knowledge and tools to defend against hacking groups that are growing more advanced in their techniques by the second.
How to get the best results from TIBER-EU
TIBER-EU will only be as valuable as the information that’s produced from the red team assessments. Because of this, it’s vital that financial institutions use independent providers that are fully accredited and offer a wide range of services.
Integrity360’s red team assessment specialists have trained in a wide range of disciplines and hold certifications from the following respected cyber security organisations:
Our wide-ranging experience enables our team to build a comprehensive intelligence-led red team assessment, which includes the following capabilities:
TIBER-EU has the potential to radically transform the resilience of cyber security in the most frequently targeted industry in the world, but only if the framework is leveraged effectively. Working with a red team provider with years of experience on the front lines of cyber security testing is one of the keys to unlocking the full potential of TIBER-EU. If you are interested in learning more about our Red Team services, download our free eBook now:
Contact Integrity360 today and visit our cloud security services page to learn more