CISA releases Trusted Internet Connections 3.0 core guidance documentation

August 6, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) released core guidance documentation for the Trusted Internet Connections (TIC) program, developed to assist agencies in protecting modern information technology architectures and services.

CISA released final versions of three of the TIC 3.0 core guidance documents, representing the conclusion of their adjudication period following the issuance of draft documents in December 2019. The Program Guidebook, Reference Architecture, and Security Capabilities Catalog (formerly known as the Security Capabilities Handbook) are amended and improved thanks to the hundreds of recommendations, comments, and questions CISA received during the 50-day request for comments period in early 2020. The final versions of these documents can be found at: www.cisa.gov/publication/tic-30-core-guidance-documents.

According to CISA, TIC 3.0 expands on the original initiative to drive security standards and leverage advances in technology to secure a wide spectrum of agency network architectures. This new version of TIC is highly iterative, which means the guidance will better reflect modern processes and technological innovations compared to previous iterations of the program. TIC 3.0 recognizes shifts in modern cybersecurity and pushes agencies toward adoption, while recognizing their challenges and constraints in modernizing IT infrastructure as well.

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.