TIBER and DORA TLPT

TIBER

Threat Intelligence-Based Ethical Red Teaming (TIBER)-EU is a framework developed by the European Central Bank that makes it possible to test, in a standardised way, resilience to cyber risks among actors in the financial system. The test (known as red team testing) involves the controlled simulation of a cyber attack on an organisation's employees, processes and technology. The test is not ‘pass or fail’, but is aimed at identifying shortcomings so that resilience can then be improved.

The main aims of TIBER-EU are:

• to strengthen resilience to cyber threats in the financial sector,
• to standardise and harmonise the implementation of so-called red team tests within the EU,
• and to provide support for cross-border tests.

TIBER-SE is the Swedish implementation of the TIBER-EU framework. TIBER-SE is based on harmonised requirements of the TIBER-EU framework and uses the TIBER-EU framework documents in the testing process.

DORA TLPT

The EU Digital Operational Resilience Act (DORA) aims to ensure the cyber resilience of the European financial sector. The Regulation sets out regulatory requirements for risk management and IT security. Among other things, DORA requires the implementation of Threat Led Penetration Testing (TLPT) for financial entities with system-critical activities. The aim is for the testing to be used as a learning experience to strengthen the digital operational resilience of EU financial actors.

The requirements of DORA TLPT align with the testing process in TIBER-SE. The relationship between the law and the framework can be explained as TLPT describing what to do, while TIBER-SE describes how to do it. In this way, the TIBER-SE and associated documents provide additional guidance and context to the implementation of TLPT. In Sweden, TIBER-SE will be used for DORA TLPT.