TIBER-SE is a framework for testing cyber security among participants in the Swedish financial system. This framework aims to help critical entities obtain a better picture of their capacity to manage cyber risks, and it thus provides a base for strengthening resilience in the financial system.
The Riksbank decided in December 2019 to adopt the TIBER-EU framework and publish guidelines for Sweden’s national adaptation, TIBER-SE. To coordinate these tests in Sweden, the Riksbank has launched a cooperation forum together with the central players in the Swedish financial system who will undergo testing under the framework.
TIBER-EU (Threat Intelligence-based Ethical Red Teaming) is a framework developed by the ECB that makes it possible to test, in a standardised way, resilience to cyber risks among players in the financial system. The test (known as red team testing) involves the controlled simulation of a cyber attack on an organisation's employees, processes and technology. The test is not ‘pass or fail’, but is aimed at identifying shortcomings so that resilience can then be improved.
The main aims of TIBER-EU are:
- to strengthen resilience to cyber threats in the financial sector,
- to standardise and harmonise the implementation of so-called red team tests within the EU,
- and to provide support for cross-border tests.
The implementation guide for TIBER-SE describes Sweden’s adaptation of the TIBER-EU framework.