The US government has issued new guidelines for handling threat intelligence information shared between private sectors, individual researchers, and federal departments. The guidance follows the Traffic Light Protocol (TLP), a standardized framework for classifying sensitive information.
According to the guidance, the government adheres to TLP markings when sharing cybersecurity information voluntarily received from individuals or organizations. This is done to foster trust and collaboration in the cybersecurity community while controlling information distribution.
The TLP consists of four colors: Red, Amber, Green, and White. Each color represents a level of disclosure:
– TLP:RED: Not for public disclosure.
– TLP:AMBER+STRICT: Limited disclosure to those within an organization.
– TLP:AMBER: Limited disclosure to those within the organization or its clients.
– TLP:GREEN: Information shared with peers and partner organizations, excluding publicly accessible channels.
– TLP:CLEAR: Free sharing without restrictions.
National Cyber Director Harry Coker Jr. stated that this guidance aims to promote clear understanding of trusted information sharing channels, allowing partnerships between interagency and private sectors to flourish.
Source: https://thehackernews.com/2024/10/us-government-issues-new-tlp-guidance.html?m=1