The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies.
“The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in conflict with existing law or policy,” it said.
“We adhere to these markings because trust in data handling is a key component of collaboration with our partners.”
In using these designations, the idea is to foster trust and collaboration in the cybersecurity community while ensuring that the information is shared in a controlled manner, the government added.
TLP is a standardized framework for classifying and sharing sensitive information. It comprises four colors — Red, Amber, Green, and White — that determine how it can be distributed further and only to those who need to know.
“We already do so much work together as a cybersecurity community to achieve an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve our collective aspirations,” National Cyber Director Harry Coker, Jr. said in a statement.
“We hope that this guidance will help both our interagency and private sector partners clearly understand the immense respect we have for trusted information sharing channels – and that it will allow more of those partnerships to flourish.”
