The United States Government (USG) has issued new guidelines governing the use of the traffic light protocol (TLP) to process threat intelligence shared between the private sector, individual researchers, and federal departments and agencies.
“U.S. General Management maintains a TLP label on cybersecurity information voluntarily shared by individuals, companies, or other organizations unless it is inconsistent with existing law or policy,” it said. said.
“We adhere to this label because trust in data processing is a key component of cooperation with our partners.”
In using these designations, the idea is to promote trust and cooperation in the cybersecurity community while ensuring a controlled exchange of information, the government added.
TLP is a standardized framework to classify and share confidential information. It consists of four colors – red, amber, green and white – which determine how it can be distributed further and only to those who need to know.
- TLP: RED – Information not to be disclosed outside of the parties to whom it was originally disclosed without their express permission
- TLP: AMBER+STRONG – Information that is subject to limited disclosure and may be disclosed on a need-to-know basis only to those within the organization
- TLP: AMBER – Information that is subject to limited disclosure and can be shared only with those within the organization or its customers.
- TLP: GREEN – Information that is subject to limited disclosure and may be shared with colleagues and partner organizations, but not through public channels
- TLP:CLEAR – Information that can be freely shared without any restrictions
“We are already working hard together as a cybersecurity community to achieve a positive, values-driven vision for a secure cyberspace that creates opportunities for our shared aspirations,” National Cyber Director Harry Coker Jr. said in a statement.
“We hope that these guidelines will help our interagency and private sector partners clearly understand the tremendous respect we have for trusted channels of information sharing, and that this will allow more such partnerships to develop.”
