TIBER

What is TIBER-EU / TIBER-DK?

TIBER-EU / TIBER-DK is a framework for a controlled, tailor-made, threat-intelligence-led "Red Team Test" of a financial company's critical live production systems. The intelligence-led "Red Team" imitates the tactics, techniques and procedures (TTPs) of real threat actors (hackers) that, based on threat intelligence, are assessed to pose a realistic risk to the company. An intelligence-led "Red Team" test uses a range of techniques to simulate an attack on the company's critical functions (CFs) and the systems that underpin them (i.e. its people, processes and technologies). It helps the company assess its capability and maturity in protection, detection and response.

In short: the company's "live" production systems are attacked in a controlled way, as a real adversary would attack them.

In Denmark, Danmarks Nationalbank (the Danish central bank) is responsible for TIBER-DK. The complete framework can be found on its website: http://www.nationalbanken.dk/da/finansielstabilitet/fsor/Sider/TIBER-DK.aspx

TIBER and ISO 27001

When you, as a financial business, consider a "TIBER Test", you must ensure your own security readiness, i.e. that you have an information security management system (ISMS) framework in place (ISO 27001). The same applies to the suppliers who will perform the test, since they will come into contact with sensitive production information and with the live systems themselves.

TIBER describes the requirements for suppliers of "Red Teams" as follows:

Suitable and mature providers must have a robust information security management system (ISMS) with a tailor-made security control framework and appropriate certification, based on recognised international standards. Examples of such certifications are included in Appendix 1. The ISMS must define a clear governance structure and processes that are effectively established, implemented, operated, continuously monitored, tested, reviewed, maintained and improved. The supplier should hold one or more of the following certifications.

Certification standard    Qualification
ISO                       ISO/IEC 27001, ISO/IEC 29147, ISO/IEC 30111
NIST                      NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)
FedRAMP                   FedRAMP-compliant data centres
FIPS                      FIPS 140-2-compliant encryption for data protection

If you want to know more about how Leave A Mark can help introduce ISO 27001 prior to a TIBER test, you are very welcome to contact us.
