Our cyber security operations program

In our cyber security operations program, we develop and share knowledge on security operations and the monitoring of grid control systems. The program is aimed at SOC and CSIRT analysts and their managers or team leaders.

Over the years, we have covered topics such as:

Use cases for monitoring operational technology systems
Sensors and technologies for monitoring operational technology systems
Vulnerability management
Incident response for operational technology systems

Discover our goals for this year’s program and the results of past years below.

SOC Organization

The SOC (Security Operations Center) plays a crucial role in protecting the digital assets of an organization. A well organized SOC reduces the response time to potential cyberthreats. ENCS provides suggestions and requirements for this matter.

See our SOC-related whitepapers here:

WP-094-2025: OT SOCs skills and insights [DRAFT]

WP-093-2025: Managing monitoring use cases based on risk [DRAFT]

WP-091-2025: Analysis of OT APTs with MITRE ATT&CK [DRAFT]

See here for upcoming SOC-related webinars:

Webinar: SOC skills and resources

OT IDS testing — 2024/2025

ENCS provides members test results in OT security monitoring solutions. In 2024/2025, ten vendor solutions were tested with updated test cases.

See our 2024/2025 testing documents here:

WP-084-2025: Overview test results for OT intrusion detection systems 2025

WP-083-2025: Forescout test results

WP-082-2025: Claroty test results

See here for upcoming OT testing-related webinars:

Webinar: IoT testing

OT IDS testing — 2021

ENCS provides members test results in OT security monitoring solutions. In 2021, five vendor solutions were tested in an identical environment to evaluate the detection performance and usability.

See our 2021 testing documents here: