Sean Connelly, Trusted Internet Connection program manager, said his office plans to have the final guidance for the TIC 3.0 policy and the first two use cases ready by spring, Nextgov reported Tuesday.
After the final guidance’s release, Connelly said his office will shift its focus on issuing individual use cases. The Cybersecurity and Infrastructure Security Agency will set its sights on remote user and cloud service use cases, which were cited in the Office of Management and Budget’s memo in September 2019.
“Ultimately, there are a number of other use cases that we’re on the hook for: the Infrastructure-as-a-Service use case, the [Platform-as-a-Service], [Software-as-a-Service] use case, Email-as-a-Service and also the remote user. Those are the alternative use cases that are already embedded in the OMB memo,” said Connelly, who is also senior cybersecurity architect at CISA’s office of the chief technology officer.
Connelly said agencies such as the Department of Energy and the Small Business Administration have begun piloting some additional use cases.
“Our expectation is we’ll release the first two use cases—the traditional TIC and the remote office—with this final release,” he said. “Then, soon after, we’ll start, hopefully, being able to map some of those pilots we’re working with in the background to build out those use cases.”