Case Study: Iconic Power Systems

Case Study: Iconic Power Systems

Synopsis
4 Minute Read

MNP helped this Alberta-based construction business implement a robust cyber security management program and exceed increasingly stringent regulatory requirements.

Enhanced management processes close gaps and position Alberta company as a leader in critical infrastructure protection

Overview

This Alberta construction company was facing an environment of growing cyber risk exposure, several contractual gaps highlighted by a client, and increasingly stringent regulatory demands related to critical infrastructure protection (CIP).

MNP reviewed the gaps in their CIP compliance and helped implement a robust governance and management program to meet and ultimately exceed stakeholder expectations.

Services

Cyber Security & Privacy • Energy & Utilities

maze icon Challenge

Public utilities such as power generation and transmission facility operators are increasingly lucrative targets for cyber criminals, terrorists, and state-sponsored attackers. With the potential for virtual attacks to inflict significant real-world damage, companies like Iconic Power Systems (Iconic) must take steps to address stringent CIP requirements.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator (AESO).

light bulb icon Approach

Baseline assessment and gap analysis

Our first step was to review the current processes in place at Iconic — along with findings from an assessment prepared by one of their clients — to understand where critical information exists within their data security environment any inherent risks related to CIP. We used this information to develop a gap assessment which revealed the necessary changes to get to the desired state.

Data and security governance

MNP delivered updates to Iconic’s policies, processes, and procedures, and developed forms for cyber system information management to align with CIP requirements, contractual requirements, and the client’s recommendations. We developed compliance management program areas, including:

  • physical and electronic security management reviews and assessments
  • security incident management reporting, investigation and notification
  • confidential and building component safety information BCSI client information reviews and assessment against affiliate contract and IPS policies
  • third party / affiliate management controls, reviews, and assessments

Finally, we provided recommendations to the company’s IT service provider to ensure they could meet Iconic’s incident management and recovery needs.

Iconic approached MNP to assist with the design and implementation of practical security processes and controls related to their utility construction work. The resulting policy, procedural and process changes would satisfy contractual obligations with clients and regulatory requirements of the Alberta Electric System Operator AESO.

checkmark icon Results

With MNP’s help and recommendations, Iconic exceeded the requirements of their client and AESO regulations and is now a recognized leader in their industry with regard to CIP.

“We were proactive and brought the right company to do the work for us,” says Jay Bruchet, President, Iconic Power Systems.

Insights

  • Performance

    May 24, 2022

    Boost profitability from a different angle

    Finding new ways to improve margins can be challenging, but working with an experienced consultant can open new opportunities and reduce unplanned detours.

  • Progress

    May 20, 2022

    Enhanced hospital GST / HST rebates for long-term care facilities

    If you operate a long-term care facility and are currently only claiming the GST / HST rebate for charities or qualifying not-for-profit organizations, it may be time to revisit your eligibility for an enhanced hospital rebate announced in the 2022 Federal Budget.

  • Agility

    May 19, 2022

    Crypto asset mining – A review of recent proposals

    Proposed amendments to tax rules around crypto assets could impact business engaged in crypto mining activities. We explore how new definitions shift GST / HST costs under the proposed changes.