SOC Organization
The SOC (Security Operations Center) plays a crucial role in protecting the digital assets of an organization. A well organized SOC reduces the response time to potential cyberthreats. ENCS provides suggestions and requirements for this matter. You can read these suggestions in the papers below.
WP-094-2025: OT SOCs skills and insights [DRAFT]
With increasing digitalisation of industrial systems and connectivity to corporate networks, many organizations have established OT SOCs dedicated to protecting industrial control systems. To achieve
WP-093-2025: Managing monitoring use cases based on risk [DRAFT]
Grid operators need to continuously develop their security monitoring capabilities to keep up with new threats and keep vulnerabilities under control. One of the challenges
WP-091-2025: Analysis of OT APTs with MITRE ATT&CK [DRAFT]
This whitepaper examines APT threats actors and software relevant to OT attacks to understand tactics and techniques to attack the OT environment. Later, the paper
WP-070-2025: OT SOC charter template based on the SOC-CMM
This document presents a SOC charter template that was initially created within a project for a member of ENCS and was later adapted for use
WP-052-2021: Deployment options for substation security monitoring
An increasing number of grid operators search for solutions to monitor the security of their substations from inside the internal LANs. They see passive monitoring
WP-051-2021: Requirements for security monitoring solutions
This document presents security requirements that grid operators can use in their procurement documents for new security monitoring solutions either for their SCADA systems or