To strengthen cyber resilience, TIBER-DK facilitates Threat Intelligence Based Ethical Red-teaming tests of critical infrastructure in the Danish financial sector. The involvement and expertise of Threat Intelligence (TI) and Red Team (RT) providers is crucial in this pursuit. Therefore, the TIBER-DK Cyber Team (TCT) wishes to further strengthen the dialogue and mutual feedback with TI and RT providers.
TIBER tests simulate advanced attacks from organised criminal groups and state-sponsored actors in live production environments. Incorporating targeted, up-to-date threat intelligence, the tests take point of departure in realistic tactics, techniques and procedures. The ultimate objective is to increase cyber resilience across the financial sector in Denmark.
To strengthen the initiative and create a foundation for mutually beneficial dialogue, TCT therefore cordially invites all interested TI and RT providers to the first TIBER provider event. Here, the main takeaways from the newly released TIBER-DK Framework 3.0 will be presented. In addition, the upcoming TIBER-EU best practices on Purple Teaming will be introduced. Finally, providers will be able to share experiences and discuss the TIBER-DK Framework along with their ideas and visions for future framework improvements. Input to future events can also be discussed. Thus, this will the first in a series of events created to stimulate cooperation, both across TCT and TI/RT providers, and between providers. The agenda will be as follows:
- 08:30 – 08:35 Welcome and introduction
- 08:35 – 08:55 TIBER-DK Framework update (Framework 3.0)
- 08:55 – 09:15 TIBER-EU Purple Teaming
- 09:15 – 09:35 Using MITRE ATT&CK in future testing activities
- 09:35 – 09:55 Discussions on future provider events and topics
- 09:55 – 10:00 Any other business
All providers are welcome to the event. It is not a prerequisite to have previous experience with TIBER tests. Due to covid restrictions, the event will be held in a fully virtual format on 1 February 2022 from 8:30-10:00. However, once restrictions are lifted, we look forward to hosting future provider events in a hybrid format. In order to participate, please RSVP to firstname.lastname@example.org, indicating the email addresses of participants.
On behalf of the TIBER-DK Cyber Team, we hope to see as many attendees as possible at this first of a series of successful provider events.