TLP Use Cases
| Considerations for TLP Recipients Sharing Information with Their Cybersecurity Service Providers |
I received TLP:AMBER+STRICT information at my organisation. We outsource some of our cybersecurity services.
Can I share this with the organisations providing me those services? |
No.
Do not share TLP:AMBER+STRICT with any outside organisations without permission from the originator. Permission may come from the originator in the form of:
- A standing agreement,
- A request, or
- Instructions that accompany the information. |
I received TLP:AMBER information at my organisation. We outsource some of our cybersecurity services.
Can I share this with the organisations providing me those services? |
No.
Do not share TLP:AMBER with outside organisations that provide you cybersecurity services without permission from the originator.
Permission may come from the originator in the form of:
- A standing agreement,
- A request, or
- Instructions that accompany the information. |
I received TLP:GREEN information restricted to a defined community at my organisation. We outsource some of our cybersecurity services.
Can I share this with the organisations providing me those services? |
It depends.
You may share TLP:GREEN with organisations that provide you cybersecurity services if they are part of the defined community.
You may not share TLP:GREEN with organisations that provide you cybersecurity services if they are not part of the defined community. |
I received TLP:GREEN information with no defined community at my organisation. We outsource some of our cybersecurity services.
Can I share this with the organisations providing me those services? |
Yes.
You may share TLP:GREEN with organisations that provide you cybersecurity services. |
FIRST TLP Posters
Download TLP Posters Format A4
(Three color schemes, the text content is all the same)
