Sean Connelly, who heads the TIC Program Office at the Cybersecurity and Infrastructure Security Agency (CISA), said today that his office is aiming to release a remote-user use case for the Trusted Internet Connections (TIC) 3.0 security initiative that will build on interim TIC guidance the agency issued earlier this year to help Federal agencies migrate quickly to large-scale telework.
Speaking at a virtual event organized by Government Executive Media Group, Connelly recapped his office’s planned work on a variety of additional TIC 3.0 use cases. His office is working with the Office of Management and Budget (OMB) and the Federal CISO Council on releasing final copies of the Traditional TIC and Remote Office use cases, which were first issued in draft form in late 2019.
Of high interest to Federal agencies staring into the prospect of perhaps many additional months of telework forced by spiking coronavirus infection rates, Connelly said his office hopes to release a draft remote-user use case by the end of 2020. Connelly said that use case will build upon the interim TIC 3.0 guidance issued in April to help with telework implementation.
Connelly said the April guidance only runs through the end of this year. When CISA issued the guidance earlier in the year, the agency said it was “interim and being issued in light of temporary changes to the posture of the Federal workforce.”
“While this guidance is short-term and will be phased out, CISA will integrate certain features of this guidance and lessons learned into the TIC 3.0 Remote User Use Case as they continue to be developed,” CISA said in April.
Elsewhere during his remarks today, Connelly said additional use cases “on the immediate horizon” will deal with infrastructure as a service, software as a service, platform as a service, and email.
Use cases being planned on a longer-term basis will focus on zero trust security, and the General Services Administration’s (GSA) Enterprise Infrastructure Solutions (EIS) contract, among others, he said.