Skip to content

Introduction

Purpose of this document

The White Team is the team – within the entity that is being tested – that is responsible for the overall planning and management of the test, in accordance with the TIBER-EU Framework. This document provides information about its roles, responsibilities and other relevant organisational aspects.

Structure of the White Team Guidance

The White Team Guidance is structured as follows:

  • Chapter 3 sets out the role and responsibilities of the White Team during the preparation, testing and closure phases of a TIBER-EU test;
  • Chapter 4 provides guidance on the composition of the White Team and on the different types of profiles required within the entity and possibly from the entity’s third-party providers;
  • Chapter 5 provides guidance on the skills and experience needed for the different functions in the White Team to manage the test;
  • Chapter 6 provides guidance on the organisation of the White Team during the TIBER-EU test.

Target audience of the White Team Guidance

This White Team Guidance is aimed at:

  • authorities responsible for adopting, implementing and managing the TIBER-EU Framework at national and European levels;
  • entities looking to undertake TIBER-EU tests;
  • supervisors and overseers of those entities;
  • third-party providers that may be included in the scope of the test of entities;
  • organisations interested in providing cyber threat intelligence services under TIBER-EU (threat intelligence (TI ) providers);
  • organisations interested in providing red team testing services under TIBER-EU (red team (RT) providers).

Although the TIBER-EU Framework is aimed at the financial sector, it can be applied by other sectors and industries for testing other types of entities.