cybersecurity Glossary

What is TIBER?

Threat Intelligence Based Ethical Redteaming (TIBER), or Threat Intelligence Based Ethical Redteaming, is the name given to the framework that, by combining Cyber Intelligence and Red Team capabilities, improves the level of cyber resilience of the organization in which it is developed.

Faced with the complex threat landscape affecting a sector as critical as the financial sector, the ECB launched the TIBER EU project to encourage different entities to undergo tests to assess the robustness of their security systems.

With the entry into force of the TIBER EU framework and its transcription into the national frameworks under acronyms such as TIBER-ES, TIBER-DE, TIBER-PT or TIBER-IT, financial organizations are encouraged that these exercises not only be periodic and conducted in sync with the regulator but also be led by a previous phase of Threat Intelligence and focused on the design of plausible APT scenarios.

Thus, TIBER establishes that the different attack scenarios to be tested by a Red Team exercise must be previously identified and defined in an independent Threat Intelligence phase, i.e., they cannot be guided or influenced by either the tested entity or the Red Team providing the exercise.

Following this path, at the end of 2022, the European Parliament approved the DORA regulation, which encourages the performance of Threat Lead Penetration Tests (TLPT) among a wide range of measures. This is a commitment to continuous diagnosis and testing of cyber resilience, adopting a proactive stance in identifying areas for improvement and being aware of the constant evolution that an organization of this nature presents.

Tarlogic website has published some articles related to TIBER:

Red Team: Red Team services simulate hostile actor actions to test an organization’s defenses against an actual attack and improve its ability to detect and respond to incidents and train its defensive teams…

Threat Intelligence: Targeted threat intelligence is focused on uncovering the security risks and attack scenarios a company may face to improve its cyber defenses.