On 31 January 2020, the De Nederlandsche Bank (DNB) issued a new and improved version of the TIBER-NL Guide.
31 Jan 2020
The TIBER documentation has been adapted to stay in line with the rapid developments of the cyber threats and the learning experiences from the TIBER-NL program. This has led to this new version of the TIBER-NL framework.
In 2017 the first version of the Threat Intelligence Based Ethical Red Teaming framework for the Netherlands was released (TIBER-NL). The framework describes how the most important financial institutions in the Netherlands can be tested against current and highly advanced cyber attacks. The tests are conducted under the coordination of DNB.
The most important adjustment in the framework concerns the connection of the intelligence about the institution (what could the attacker use?) and the test scenario that is being played. Also, more emphasis has been placed on learning from the experiences after the test. This way, the institution knows even better after the test where it can strengthen the defense.
This article was originally published in the January edition of REGWATCH. Read the full edition covering the following jurisdictions:
- European Union
- Hong Kong
- United Kingdom