TLS (Transport Layer Security) is a cryptographic protocol that ensures confidentiality and integrity of data during transmission. HTTPS — encrypted web communication — relies on TLS. During the handshake, the protocol negotiates encryption parameters and authenticates the server via certificates. In an ISMS, TLS is a core technical control for protecting data in transit. Current best practice requires at least TLS 1.2, with TLS 1.3 preferred. Older versions (SSL, TLS 1.0/1.1) are considered insecure and should be disabled.