Cyber Security Advisory & Management Partners
Iron Spear takes a business approach to cyber security by understanding how an incident may impact your business processes, whether that is a financial transaction or an industrial process controlling a valve.
We don’t sell products, instead we help identify solutions to your risk and business requirements. We provide your executive team insight into the health and maturity of your cyber security program, both within IT and OT environments.
At Iron Spear we are committed to providing solutions to meet the needs of our clients, whether it is security compliance, control testing, or program development and operation. We always focus on translating technical issues into real business risk and communicating these to leadership in a manner that is logical and relates to the organisation.
“Your approach is unique and gives us flexibility.”
– CIO, Crown Corporation
“First time someone was actually able to tell me how we are doing and what I need to be concerned about.”
– Shipping Company CEO
“…your contribution to this audit was invaluable…”
– Senior Government Auditor
Frequently Asked Questions
If I’m a small organization how can Iron Spear help me?
Cyber Security is important to all organizations and our services are easily scalable to all sizes of organizations.
Do you only have clients in Vancouver and Calgary?
We work with clients across Canada.
Who needs Cyber security?
Everyone! Everyone from individuals to corporations has sensitive personal information on devices and services that if compromised, can be used for fraudulent purposes.
How can I prepare for my initial cyber security assessment?
Gather the most current system diagrams and documentation. This will help us quickly determine the current state and where to start.
Identify which systems are most critical to business operations. Consider all technology involved in business processes that could have negative impact on the businesses brand, reputation, or revenue if failed
Identify who is responsible for oversight of each business system and who understands system operation. Engage these resources throughout the assessment. They will be able to provide valuable insight and assistance to coordinate on-site assessment activities
What are the risks of running a vulnerability scan?
Scans can range in aggressiveness. It’s better to be cautious and only safe settings – consult vendor documentation and sample templates if not sure which settings to use.
When running vulnerability scans in an operational environment, it’s important to start with least critical networks/devices first.
Vulnerability scan activity should be reviewed with operations to determine if any negative effects were observed on the less critical environment before proceeding to more critical systems.
If there are no issues are detected during the initial scans, it may be safe to proceed scanning mode critical devices, but it’s important to limit scanning to minimize risk.
Be reasonable in scan activity, do not scan hot and standby servers or all operator workstations simultaneously, pick a subset to scan or schedule scans in succession.
Always notify operations staff prior to any vulnerability scans and follow up when completed. Provide them with a single point of contact to report any issues identified during the scan
Explore how Iron Spear can bring insight and value into your cyber security program, or perhaps you are simply seeking some advice around cyber security. Give us a call or send us an email and we will be happy to assist.
Call Us: Toll Free 1.800.561.4007