Aggregated News From Investment Management Regulators



Please complete the required fields.

Critical entities of the financial sector in Luxembourg must be able to adequately resist cyber-attacks in order to ensure their own resilience and thereby contribute to the one of the financial sector as a whole. To help achieve this objective, the Banque centrale du Luxembourg (BcL) and the Commission de surveillance du secteur financier (CSSF) decided to jointly adopt the testing framework for controlled cyber-attacks, namely TIBER-LU, in line with their respective financial stability mandates.

TIBER-LU’s adoption is consecutive to the publication in May 2018 of the European framework TIBER-EU1 by the European Central Bank (ECB). The TIBER-EU framework aims at i) testing the resilience of financial markets’ entities, ii) facilitating tests for cross-border entities that are subject to the supervision by several authorities, iii) helping entities to better assess their protection, detection and response capabilities and to fight against cyber-attacks. In this context, the TIBER-EU framework sets out a harmonized European approach for the conduct of threat-led penetration tests that mimic the tactics, techniques and procedures of real-life threat actors and that simulate a cyber-attack on critical functions and underlying systems of an entity.

The TIBER-EU framework, which was designed to be adopted by national and European authorities and for entities that are essential to the functioning of the financial infrastructure, can be used by all types of entities of the financial sector and also by entities of other sectors.

In line with the TIBER-EU framework, each jurisdiction adopts the European framework at national level by adapting its implementation to national specificities.


[email protected] and [email protected]

This news item was originally published by the Commission de Surveillance du Secteur Financier (CSSF LU). For more information, please see the Source Link.

Regulator Information

Abbreviation: CSSF
Jurisdiction: Luxembourg

Recent Articles


We believe this firm may be providing financial services or products in the UK without our authorisation. Find out why you should be wary...

Bright Loans UK Ltd (Clone of FCA Authorised Firm)

Fraudsters are using the details of firms we authorise to try to convince people that they work for a genuine, authorised firm. Find out...

Revision of Recommendation 25 – White Paper for Public Consultation

The Financial Action Task Force (FATF) is conducting a review of Recommendation 25 (R.25) on the transparency and beneficial ownership (BO) of legal arrangements....

Get the latest from Regulatory.News in your inbox!