Precautionary Measures to Reduce Your Cyber Risk
Precautionary Measures to Reduce Your Cyber Risk
With rising tensions between western nations and Iran, here’s how you can mitigate the increased cyber security risk.
With the recent increase in tension between Iran and western nations, MNP is encouraging vigilance among Canadian businesses and recommend you thoroughly review your current cyber security controls. While our team is not aware of any specific cyber security threat or attack campaign in progress, the potential for one is always present — and given the current climate, even more likely than normal.
Industries that Iranian threat groups have previously targeted or are likely to target in the future include:
- Manufacturing
- Oil and gas
- Public sector and government agencies
- Post-secondary institutions
- Research organizations
- Airlines
Know What to Expect
To reduce your risk exposure and prepare yourself for any possibility, we urge your cyber security teams to review the common tactics, techniques and procedures (TTPs), as documented in the MITRE Corporation’s ATT&CK database.
APT33 — Suspected Iranian threat group that has previously targeted aviation and energy businesses in the U.S., the Middle East and Asia. Read More…
ATP39 — Iranian cyber espionage group that tends to target the telecommunications and travel industries with the specific aim of gaining access to personal identifiable information. Read More…
CopyKittens — Iranian cyber espionage group that has previously targeted governments in the U.S., the Middle East and Europe. Read More…
Immediate Steps You Can Take
Whether or not you believe your organization is an imminent target, take this opportunity to review your processes, controls and procedures and ask some pointed security questions — including:
- Review and test your cyber incident response plan
- Ensure team members are aware of all cyber security policies and procedures — and feel empowered to report any suspicious activity (e.g. emails, etc.)
- Is all your software and firmware up to date?
- Have you backed up all sensitive and necessary information to an offline source?
- When was the last time you conducted a cyber maturity assessment?
MNP Can Help
You can never be too safe; especially in times of great uncertainty. No matter where you are in Canada, we have a national cyber security team member nearby ready to assist with any questions or concerns you might have.
For more information, contact:
| National | |
| Danny Timmins, CISSP National, Cyber Security Leader [email protected] |
|
| B.C. | |
| Peter Guo, CPA, CA, CISA, ABCP, MBA B.C. Leader, Enterprise Risk Services [email protected] |
Elizabeth Vannan B.C. Leader, Technology Solutions [email protected] |
| Alberta | |
| Trac Bo, CPA, CA, CISA, CRISC, ABCP, CGEIT Technology Risk Services Leader [email protected] |
|
| Saskatchewan | |
| Sean Devin National Leader, Technology Solutions [email protected] |
|
| Manitoba | |
| Gustavo Meschler, CISA Partner, Enterprise Risk Services [email protected] |
Brian Beveridge, CMC Partner, Technology Consulting Services [email protected] |
| Ontario | |
| Eugene Ng, CISSP, PCI QSA, BCOMM Eastern Canada Cyber Security Leader E: [email protected] |
Hash Qureshi, PA, CMA, CRISC, CISA, CISSP, CRMA, P.ENG, MSC Partner, Enterprise Risk Services [email protected] |
| Quebec | |
| Tom Beaupre, QSA, CISSP, CISA, BS Quebec Cyber Security Leader [email protected] |
|
Insights
-
Performance
April 17, 2024
Conflict in the workplace: the ripple effect on small businesses
Conflict in the workplace can impact small businesses, affecting team dynamics, productivity, and company culture.
-
Confidence
April 17, 2024
Following these steps will protect your practice value if emergency strikes
You can’t predict the future, but building a plan helps to keep your business protected.
-
Performance
April 16, 2024
2024 Federal Budget Highlights
View MNP’s full tax analysis of the 2024 federal budget.
