Silhouette of Power Supply Facilities at Sunset

Case Study: Iconic Power Systems

Case Study: Iconic Power Systems

Synopsis
4 Minute Read

MNP helped this Alberta-based construction business implement a robust cyber security management program and exceed increasingly stringent regulatory requirements.

Enhanced management processes close gaps and position Alberta company as a leader in critical infrastructure protection

Overview

This Alberta construction company was facing an environment of growing cyber risk exposure, several contractual gaps highlighted by a client, and increasingly stringent regulatory demands related to critical infrastructure protection (CIP).

MNP reviewed the gaps in their CIP compliance and helped implement a robust governance and management program to meet and ultimately exceed stakeholder expectations.

Services

Cyber Security & Privacy • Energy & Utilities

maze icon Challenge

Public utilities such as power generation and transmission facility operators are increasingly lucrative targets for cyber criminals, terrorists, and state-sponsored attackers. With the potential for virtual attacks to inflict significant real-world damage, companies like Iconic Power Systems (Iconic) must take steps to address stringent CIP requirements.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator (AESO).

light bulb icon Approach

Baseline assessment and gap analysis

Our first step was to review the current processes in place at Iconic — along with findings from an assessment prepared by one of their clients — to understand where critical information exists within their data security environment any inherent risks related to CIP. We used this information to develop a gap assessment which revealed the necessary changes to get to the desired state.

Data and security governance

MNP delivered updates to Iconic’s policies, processes, and procedures, and developed forms for cyber system information management to align with CIP requirements, contractual requirements, and the client’s recommendations. We developed compliance management program areas, including:

  • physical and electronic security management reviews and assessments
  • security incident management reporting, investigation and notification
  • confidential and building component safety information BCSI client information reviews and assessment against affiliate contract and IPS policies
  • third party / affiliate management controls, reviews, and assessments

Finally, we provided recommendations to the company’s IT service provider to ensure they could meet Iconic’s incident management and recovery needs.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator AESO.

checkmark icon Results

With MNP’s help and recommendations, Iconic exceeded the requirements of their client and AESO regulations and is now a recognized leader in their industry with regard to CIP.

“We were proactive and brought the right company to do the work for us,” says Jay Bruchet, President, Iconic Power Systems.

Next steps

Learn more about how MNP can help Canadian Energy and Utility organizations rise above challenges and capitalize on opportunities.

Insights

  • Progress

    April 22, 2025

    A roadmap for passing the family dealership to the next generation

    For family-owned dealerships, passing ownership of the business to the next generation means considering more than just the financials.

  • Confidence

    Climate transition risk and financial institutions

    Canada's financial institutions are uniquely exposed to risk as domestic and global economies seek to address climate change. The results of a federal pilot project shed light on how the financial sector is responding, and the necessary steps to thrive in a net zero business environment.

  • Agility

    Three ways to create a more efficient practice with technology

    The Canada Digital Adoption Program (CDAP) can help your practice increase efficiency and overcome the barriers associated with digital transformation.