ENCS is evaluating how well the sensors on the market can monitor the security of central systems and substations, and comparing the current performance with the results from the OT sensor evaluations performed in 2018 and 2020.
A minimum set of use cases should be implemented in a SIEM system to ensure that the SIEM covers at least the highest risks, the compliance targets, and the effectiveness of specific security measures. These high-level use cases are fed by events from monitored assets, including security solutions such as OT IDSs. Hence, lower-level use cases, such as those of the IDS, must be consistent with the ones in the SIEM.
We have been working on minimum sets of use cases for OT SIEM systems and OT IDS systems in the SOC analysts roundtable and the OT IDS operations program project, respectively. In this webinar, we will introduce both sets and explain how they work together.