Best practices

Our best practice documents contain security recommendations for ENCS members’ security specialists. These best practices for cyber security are developed in the security programs, based on the experience of other members. They cover a wide variety of topics, such as setting up an information security management system, defining use cases for security operations, and selecting sensors to monitor operational technology systems.

WP-063-2024: Tabletop exercises: Physical break-in scenario

This document outlines the scenario of a physical break-in in a high-voltage substation in which the intruders have tampered with digital equipment. Member organizations can use this scenario as a baseline and use their incident response processes to guide the expected answers during the exercise.

WP-061-2022: Update on EU regulations

The European Union has been very active in developing new regulations to manage cybersecurity risks. In 2022, we expect that three different regulations will be

WP-043-2019: ISMS Best Practice Guide

The objective of the member project for Information Security Management was to gather and share best practices for implementing and running an Information Security Management

WP-017-2019: ISMS MP Key Findings

The objective of the member project for Information Security Management was to gather and share best practices for implementing and running an Information Security Management

WP-007-2018: Triton Analysis

ENCS informs its members about this attack and provide an interpretation. It is a new entry in the short list of publicly disclosed malwares that