CISA Releases Draft Versions of TIC 3.0 Remote User Use Case and NCPS NCIRA Volume 2

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released draft versions of the TIC 3.0 Remote User Use Case and NCPS Cloud Interface Reference Architecture (NCIRA) Volume 2 (TIC stands for “Trusted Internet Connections” and NCPS stands for “National Cybersecurity and Protection System Documents” – you can read about both programs at the links provided). The TIC Program Office, under Capacity Building, developed the draft TIC 3.0 Remote User Use Case to lay out how network and multi-boundary security should be applied when an agency has users performing sanctioned business functions outside of an agency premises. The use case is designed to help agencies preserve security as they move away from traditional network scenarios in support of the maximized telework environment. The NCPS Program Office, under Capacity Development, developed the draft NCIRA Volume 2, the second of a two-part collection. The guidance is designed to provide an index of common cloud telemetry reporting patterns and characteristics for how agencies can send cloud-specific data to the NCPS cloud-based architecture. Individual cloud service providers can refer to the reporting patterns in this volume to offer guidance on their solutions that allow agencies to send cloud telemetry to CISA in fulfillment of NCPS requirements. Comments on the documents will be accepted at ti*@******hs.gov from now until Friday, January 29, 2021. After closing the RFC period, CISA will release the final versions of the documents to the public.