"Final Version of TIC Use Cases Covering Cloud Services"

Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), Software-as-a-Service (SaaS), and Email-as-a-Service (EaaS) have unique security considerations. The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has published the Trusted Internet Connections (TIC) 3.0 Cloud Use Case, which provides network and multi-boundary security guidance for agencies operating in cloud environments. The feedback garnered during the 2022 public comment period has been incorporated into the new version. The Cloud Use Case describes specific security patterns, applicable security capabilities, and telemetry requirements. This guidance also contains cloud-specific factors, including the shared services model and cloud security posture management principles defined in the Cloud Security Technical Reference Architecture. In addition, this use case is written from the perspective of cloud-hosted services as opposed to the consumer accessing these services. This article continues to discuss CISA's release of TIC 3.0 guidance documents. 

CISA reports "Final Version of TIC Use Cases Covering Cloud Services"