Flagship Security Framework Summary

A comprehensive security lifecycle

Each function plays an essential role in defining controls, processes, and technologies to fulfill the core function
Flagship Security Framework

5 Core Functions

The Flagship Security Framework represents a comprehensive security lifecycle in which each function plays an essential role in defining controls, processes, and technologies to fulfill the core function. There are 5 core functions that are organized concurrently to represent a security lifecycle.
  • Identify pinpoints all the systems and platforms in the company’s infrastructure that may be a security risk.
  • Protect implements appropriate safeguards to ensure the delivery of critical services.
  • Detect enables timely discovery of cybersecurity events.
  • Respond implements the appropriate activities when facing a detected security event.
  • Recover implements the appropriate activities for resilience and restoring any capabilities or services that were impaired due to a security event.

Each function is essential to good security posture and successful management of cybersecurity risk. This is a lifecycle, or process, that never ends. It is very important for a security process to constantly develop, self-evaluate, and adjust because attackers are constantly evolving their tactics as well.

The SecOps Framework is built off the National Institute of Standards and Technologies (NIST) Cyber Security Framework. The NIST CSF framework was originally designed for critical infrastructure, but being very versatile, it can be used in organizations of all sizes. The framework is outcome-driven, though it does not define how the outcomes must be achieved. This allows both large and small cybersecurity budgets to achieve their end goals in a way that is feasible for them.

We further define our framework by defining four tracks within an organization's information technology system. The five core functions of the framework can be applied to each track to assist in finding weaknesses within the functions.

The four tracks are:

  • Users. Which can be anything from concerning your end users, including user identity, user access, authentication & even policies.
  • Endpoints. Workstations, laptops, phones, tablets, any device an end user can retrieve or store company data.
  • Infrastructure. Servers, Software as a Service (SaaS), and on-site applications
  • Network. Firewalls, switches, routers, wireless – anything that facilitates company traffic flows.
The framework's 5 core functions can be applied to each track to assist in finding weakness in your security infrastructure.
Flagship counsels our clients to take a layered approach to securing their environment, from ensuring the fundamentals are covered to providing more advanced protections. To demonstrate this layered approach, we can apply the protect functions to all four tracks – from the users to the endpoints, infrastructure, and network
We can apply the protect function to all 4 tracks, from the users to the endpoints, infrastructure and network.

The Protect function calls for Identity Management, Access Control, Awareness & Training and Protecting Technologies.

  • Multifactor Authentication protects the userswhich includes identity, access control, authentication, and policies.
  • Anti-Virus tools protect both the endpoints and infrastructure, which consists of Servers and Applications. As noted earlier, Anti-Virus tools can span two tracks.
  • Next-Gen Firewall will protect the Network at the edge.

For a deeper dive into the framework, download our Flagship Security Framework white paper.

© 2020 Flagship Networks, Inc. All rights reserved.