SOC Organization
The SOC (Security Operations Center) plays a crucial role in protecting the digital assets of an organization. A well-organized SOC reduces the response time to potential cyberthreats. ENCS provides suggestions and requirements on this topic. You can read them in the papers below.
WP-093-2025: Risk-based use cases for OT [DRAFT]
Grid operators need to continuously develop their security monitoring capabilities to keep up with new threats and keep vulnerabilities under control. One of the challenges
WP-091-2025: Analysing APTs with MITRE tools [DRAFT]
This whitepaper examines APT threat actors and software relevant to OT attacks to understand the tactics and techniques used to attack the OT environment. Later, the paper
WP-070-2025: OT SOC charter template based on the SOC-CMM
This document presents a SOC charter template that was initially created within a project for a member of ENCS and was later adapted for use
WP-052-2021: Deployment options for substation security monitoring
An increasing number of grid operators search for solutions to monitor the security of their substations from inside the internal LANs. They see passive monitoring
WP-051-2021: Requirements for security monitoring solutions
This document presents security requirements that grid operators can use in their procurement documents for new security monitoring solutions either for their SCADA systems or