Considerations for TLP Recipients Sharing Information with Their Cybersecurity Service Providers | |
---|---|
I received TLP:AMBER+STRICT information at my organisation. We outsource some of our cybersecurity services. Can I share this with the organisations providing me those services? |
No. Do not share TLP:AMBER+STRICT with any outside organisations without permission from the originator. Permission may come from the originator in the form of: - A standing agreement, - A request, or - Instructions that accompany the information. |
I received TLP:AMBER information at my organisation. We outsource some of our cybersecurity services. Can I share this with the organisations providing me those services? |
No. Do not share TLP:AMBER with outside organisations that provide you cybersecurity services without permission from the originator. Permission may come from the originator in the form of: - A standing agreement, - A request, or - Instructions that accompany the information. |
I received TLP:GREEN information restricted to a defined community at my organisation. We outsource some of our cybersecurity services. Can I share this with the organisations providing me those services? |
It depends. You may share TLP:GREEN with organisations that provide you cybersecurity services if they are part of the defined community. You may not share TLP:GREEN with organisations that provide you cybersecurity services if they are not part of the defined community. |
I received TLP:GREEN information with no defined community at my organisation. We outsource some of our cybersecurity services. Can I share this with the organisations providing me those services? |
Yes. You may share TLP:GREEN with organisations that provide you cybersecurity services. |
Download TLP Posters Format A4 (Three color schemes, the text content is all the same)