The Cybersecurity and Infrastructure Security Agency released new Trusted Internet Connections 3.0 draft guidance that adjusts to federal agencies narrowing their cyberdefenses.
CISA, an agency within the Department of Homeland Security, provided the draft security guidance to assist agencies moving from wide network perimeters to micro-perimeters around individual or small groups of assets.
“It’s the holiday season, and reminders that life is about connections are all around us,” wrote Matt Hartman, director of network resilience at CISA, in the agency’s Dec. 20 announcement. “But as those who have clicked the ‘unsubscribe’ button or unfriended an old roommate know, some connections have to change over time.”
An inventory conducted in the early 2000s revealed agencies had more than 4,000 connections to the internet, prompting network consolidation down to about 50 TIC “access points” among large agencies.
TIC 3.0 — which approved cloud, agency branch office and remote user use cases — also directed DHS to lead ongoing approval of additional connections and elimination of dated ones.
CISA’s new TIC guidance spans five volumes meant to be read in order.
The Program Guidebook outlines the modern TIC program with historical context, while the Reference Architecture defines program concepts. The Security Capabilities Handbook indexes TIC-relevant security capabilities, and the Use Case Handbook introduces traditional and branch office use cases, the latter covering remote connections.
Lastly, the Security Provider Overlay Handbook maps the security functions of service providers to TIC capabilities.
CISA began fielding comments, feedback and questions on the draft guidance Dec. 23 and will continue to do so until Jan. 31 via the TIC GitHub repository or firstname.lastname@example.org. The agency also plans to hold informative webinars for civilian agencies during that period.