Silhouette of Power Supply Facilities at Sunset

Case Study: Iconic Power Systems

Case Study: Iconic Power Systems

Synopsis
4 Minute Read

MNP helped this Alberta-based construction business implement a robust cyber security management program and exceed increasingly stringent regulatory requirements.

Enhanced management processes close gaps and position Alberta company as a leader in critical infrastructure protection

Overview

This Alberta construction company was facing an environment of growing cyber risk exposure, several contractual gaps highlighted by a client, and increasingly stringent regulatory demands related to critical infrastructure protection (CIP).

MNP reviewed the gaps in their CIP compliance and helped implement a robust governance and management program to meet and ultimately exceed stakeholder expectations.

Services

Cyber Security & Privacy • Energy & Utilities

maze icon Challenge

Public utilities such as power generation and transmission facility operators are increasingly lucrative targets for cyber criminals, terrorists, and state-sponsored attackers. With the potential for virtual attacks to inflict significant real-world damage, companies like Iconic Power Systems (Iconic) must take steps to address stringent CIP requirements.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator (AESO).

light bulb icon Approach

Baseline assessment and gap analysis

Our first step was to review the current processes in place at Iconic — along with findings from an assessment prepared by one of their clients — to understand where critical information exists within their data security environment any inherent risks related to CIP. We used this information to develop a gap assessment which revealed the necessary changes to get to the desired state.

Data and security governance

MNP delivered updates to Iconic’s policies, processes, and procedures, and developed forms for cyber system information management to align with CIP requirements, contractual requirements, and the client’s recommendations. We developed compliance management program areas, including:

  • physical and electronic security management reviews and assessments
  • security incident management reporting, investigation and notification
  • confidential and building component safety information BCSI client information reviews and assessment against affiliate contract and IPS policies
  • third party / affiliate management controls, reviews, and assessments

Finally, we provided recommendations to the company’s IT service provider to ensure they could meet Iconic’s incident management and recovery needs.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator AESO.

checkmark icon Results

With MNP’s help and recommendations, Iconic exceeded the requirements of their client and AESO regulations and is now a recognized leader in their industry with regard to CIP.

“We were proactive and brought the right company to do the work for us,” says Jay Bruchet, President, Iconic Power Systems.

Next steps

Learn more about how MNP can help Canadian Energy and Utility organizations rise above challenges and capitalize on opportunities.

Insights

  • December 19, 2024

    How MNP’s Voting and Election Services supported Calgary Co-op through the election process

  • Progress

    December 18, 2024

    How your dealership can build a more gender-diverse workforce

    With only 23 percent of employees in new car dealerships being women, the gender gap continues to persist in the automotive industry.

  • Performance

    How will the CRA’s significant GST/HST update impact your dental and orthodontic practice?

    How will the recent GST/HST update impact your dental practice? Understand the new requirements for claiming ITCs and opportunities for GST/HST refund claims.