Connect with us

Hi, what are you looking for?


Data Protection

CISA Issues Guidance on Transitioning to TLP 2.0

The US Cybersecurity and Infrastructure Security Agency (CISA) this week published a user guide to help organizations prepare for the November 1, 2022, move from Traffic Light Protocol (TLP) version 1.0 to TLP 2.0.

The US Cybersecurity and Infrastructure Security Agency (CISA) this week published a user guide to help organizations prepare for the November 1, 2022, move from Traffic Light Protocol (TLP) version 1.0 to TLP 2.0.

TLP is used to inform recipients of sensitive information on the extent to which they may share the provided data, and relies on four labels to indicate sharing boundaries that recipients can apply.

In TLP 1.0, these four labels are TLP:RED, TLP:AMBER, TLP:GREEN, and TLP:WHITE, and restrict the sharing of information to specific participants only, to participants’ organizations, to the community, or allow full disclosure, respectively.

Changes that TLP 2.0 brings include the replacement of TLP:WHITE with TLP:CLEAR and the inclusion of TLP:AMBER+STRICT to supplement TLP:AMBER.

Thus, starting with TLP 2.0, the sharing of information will be restricted to individual recipients only, to the recipient’s organization and its clients (TLP:AMBER+STRICT will restrict the sharing to the organization only), or to the recipient’s community, or can be shared to the world.

The TLP labels can be inserted within documents (in the header and footer of each page), in automated information exchanges, emails and chats (directly prior to the information itself), and even in verbal discussions, the fact sheet on moving to TLP 2.0 explains.

While the move to TLP 2.0 is planned for November 1, CISA will not update its Automated Indicator Sharing (AIS) capability until March 2023.

Advertisement. Scroll to continue reading.

CISA is urging organizations to take note of the upcoming move to TLP 2.0 and to adopt the newer version to “facilitate greater information sharing and collaboration”.

This TLP system of markings, which is managed by the Forum of Incident Response and Security Teams (FIRST), is not legally binding, the agency also notes.

Related: US Agencies Publish Security Guidance on Implementing Open RAN Architecture

Related: AMTSO Publishes Guidance for Testing IoT Security Products

Related: US, UK, New Zealand Issue PowerShell Security Guidance

Related: CISA Releases Final IPv6 Security Guidance for Federal Agencies

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.