TIBER-EU Update: a new era in cyber resilience testing under DORA

The European Central Bank (ECB) has announced an update to TIBER-EU (Threat Intelligence-based Ethical Red Teaming), the European framework for cyber resilience testing, further aligning it with the Digital Operational Resilience Act (DORA) and regulatory technical standards (RTS) for Threat-Led Penetration Testing (TLPT). This update marks a significant step towards a more structured, secure, and harmonized approach to cyber resilience testing across the European Union.

What’s new in the TIBER-EU update?

Alignment with TLPT deadlines under DORA – The new requirements impose strict deadlines for deliverables, ensuring a more efficient and well-structured testing process.

Mandatory Purple Team integration – The new methodology encourages collaboration between Red Teams (attackers) and Blue Teams (defenders) to maximize learning and enhance detection and response mechanisms.

Terminology harmonization – Terms such as "White Team" have been replaced with "Control Team", aligning with DORA standards and ensuring consistent communication between financial entities and regulatory authorities.

Detailed guidelines for TLPT execution – The new documents provide clear steps for conducting tests in a secure and structured manner, building on previous TIBER-EU experiences.

Simplified national implementation – The documentation has been optimized to facilitate the adoption of the framework by national authorities, reducing compliance complexity.

TIBER-EU is not just a compliance requirement, but a strategic opportunity to test and enhance cyber resilience against real-world threats. Since the DORA Regulation becomes mandatory on January 17, 2025, financial sector organizations must act quickly to integrate these requirements into their security strategies.

Our team has extensive expertise in threat intelligence, red/purple teaming, and regulatory compliance, assisting organizations in implementing robust cyber resilience programs.

🔹 Full support for TIBER-EU testing – From threat identification to advanced attack simulations and refining response strategies.
🔹 Local and global expertise – We have conducted numerous TIBER-EU tests across Europe and understand the specific requirements of the Romanian market.
🔹 Tailored approach for DORA compliance – We assist European financial organizations in developing a cybersecurity program aligned with TIBER-EU and DORA requirements.

By embracing TIBER-EU's new framework, organizations can strengthen their cybersecurity posture, enhance resilience, and ensure regulatory compliance in an evolving threat landscape. 

Under the hat

A Deloitte digest for cybersecurity experts

    
