Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Members of public are advised to stay vigilant and not follow any instructions given by these scammers. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Resources
  3. Tips & Resources
  4. CSA Adopts Traffic Light Protocol (TLP) 2.0
Cybersecurity & IT Professionals

CSA Adopts Traffic Light Protocol (TLP) 2.0

3 July 2023

The Cyber Security Agency of Singapore (CSA) adopts the Traffic Light Protocol (TLP) 2.0 to define how cybersecurity-related information can be shared to relevant recipients using four (4) different TLP classification labels. As shown below, the four (4) TLP classification labels indicate the expected sharing boundaries and shall be adhered to by the Recipient(s).

TLP 2.0 Classification and its Description on the Access Restriction and Usage

TLP:RED text

TLP:RED

Not for further disclosure, restricted to Recipients only.

For the eyes and ears of individual recipients only, no further disclosure.

TLP:AMBER+STRICT text

TLP:AMBER+STRICT

Limited disclosure.

Sharing is restricted to the organisation only.

Information may be shared with inhouse contractors (i.e. the individual / staff working for the organisation) providing cybersecurity services to your organisation. However, these contractors shall not further disseminate the information to their parent company or other customers.

TLP:AMBER text

TLP:AMBER

Limited disclosure.

Recipients may share information with members of their own organisation and its clients, but only on a need-to-know basis to protect their organisation and its clients and prevent further harm.

Information may be shared with both inhouse and outsource contractors (i.e. the individual / staff working for the organisation) providing cybersecurity services to the receiving organisation; however, these contractors shall not further disseminate the information with their parent company or other customers.

TLP:GREEN text

TLP:GREEN

Limited disclosure, Recipients can share this within their community.

Recipients may share information with peers and partner organisations within their community, but not via publicly accessible channels.

TLP:CLEAR text

TLP:CLEAR

Recipients can spread this to the world, there is no limit on disclosure.

Subject to standard copyright rules, recipients may share information without restriction.

TLP 2.0 Terminology Definitions

Community: Under TLP, a community is a group which share common goals, practices, and informal trust relationships. A community can be as broad as all cybersecurity practitioners in a country (or in a sector or region).

Organisation: Under TLP, an organisation is a group which share a common affiliation by formal membership and are bound by common policies set by the organisation. An organisation can be as broad as all members of an information sharing organisation, but rarely broader.

Clients: Under TLP, clients are those people or entities that receive cybersecurity services from an organisation. Clients are by default included in TLP:AMBER so that the recipients may share information further downstream in order for their clients to take action to protect themselves. For organisations with national responsibility, this definition includes stakeholders and constituents.

Click here for TLP 2.0 Frequently Asked Questions