The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies.
“The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in conflict with existing law or policy,” it said.
“We adhere to these markings because trust in data handling is a key component of collaboration with our partners.”
In using these designations, the idea is to foster trust and collaboration in the cybersecurity community while ensuring that the information is shared in a controlled manner, the government added.
TLP is a standardized framework for classifying and sharing sensitive information. It comprises four colors — Red, Amber, Green, and White — that determine how it can be distributed further and only to those who need to know.
- TLP:RED – Information that’s not for disclosure outside of the parties to which it was initially shared without their explicit permission
- TLP:AMBER+STRICT – Information that’s for limited disclosure and may be shared on a need-to-know basis only to those within an organization
- TLP:AMBER – Information that’s for limited disclosure and may be shared on a need-to-know basis, either only to those within an organization or its clients
- TLP:GREEN – Information that’s for limited disclosure and may be shared with peers and partner organizations, but not via publicly accessible channels
- TLP:CLEAR – Information that can be shared freely without any restrictions
“We already do so much work together as a cybersecurity community to achieve an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve our collective aspirations,” National Cyber Director Harry Coker, Jr. said in a statement.
“We hope that this guidance will help both our interagency and private sector partners clearly understand the immense respect we have for trusted information sharing channels – and that it will allow more of those partnerships to flourish.”
