UK National Cyber Security Centre UK National Cyber Security Centre Security operators are responsible for detecting malicious activity, responding to threats and defending their networks and systems from cyber attacks. Security operations are commonly entwined with other operational and management priorities to ensure that both security and operational priorities are considered holistically. With security operators being a crucial part of operation, management and security of the network, it is valuable to give consideration to them during the design of new protocols. This document builds upon draft-ietf-opsawg-rfc5706bis, describing the fundamentals of security operations to provide a foundation for considerations for protocol design and guidance. This document also describes how security operations considerations can be most usefully included in other IETF documents.