Traffic Light Protocol (TLP)

Last updated: May 20, 2024

The Traffic Light Protocol was created in order to facilitate greater sharing of information. TLP is a set of designations used to ensure that sensitive information is shared with the appropriate audience. It employs four colors to indicate expected sharing boundaries to be applied by the recipient(s).1

TLP will be used at the UW during incidents and incident response, with a TLP level applied to specific communications.

TLP: RED

Not for disclosure, restricted to participants only.

Example: There is a security risk associated with critical infrastructure that does not have an immediate technological solution. The concern needs to be discussed but wider disclosure could increase risk.

TLP: AMBER+STRICT

Limited disclosure, restricted to the Office of Information Security (OIS). 

Example: An event has been identified by an analyst, and additional OIS personnel are required to properly investigate.

TLP: AMBER

Limited disclosure, restricted to OIS and its clients (other UW departments involved with incident and incident response).

Example: Notification of a UW department of an event involving their systems.

TLP: GREEN

Limited disclosure, restricted to the UW community (professional and academic staff). 

Example: Security risks to UW systems which have a technical solution that can be implemented immediately.

TLP:CLEAR

Disclosure is not limited.

Example: Risks that are public in nature and have been shared in public media, vendors, or other outside sources.

 

1 CISA. Traffic Light Protocol (TLP) Definitions and Usage (August 22, 2022). https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage