Close up of a person working on a laptop and another working on an iPad

Precautionary Measures to Reduce Your Cyber Risk

Precautionary Measures to Reduce Your Cyber Risk

Synopsis
4 Minute Read

With rising tensions between western nations and Iran, here’s how you can mitigate the increased cyber security risk.

Read more
Insight
Confidence Insight Technology Solutions

With the recent increase in tension between Iran and western nations, MNP is encouraging vigilance among Canadian businesses and recommend you thoroughly review your current cyber security controls. While our team is not aware of any specific cyber security threat or attack campaign in progress, the potential for one is always present — and given the current climate, even more likely than normal.

Industries that Iranian threat groups have previously targeted or are likely to target in the future include:

  • Manufacturing
  • Oil and gas
  • Public sector and government agencies
  • Post-secondary institutions
  • Research organizations
  • Airlines

Know What to Expect

To reduce your risk exposure and prepare yourself for any possibility, we urge your cyber security teams to review the common tactics, techniques and procedures (TTPs), as documented in the MITRE Corporation’s ATT&CK database.

APT33 — Suspected Iranian threat group that has previously targeted aviation and energy businesses in the U.S., the Middle East and Asia. Read More…

ATP39 — Iranian cyber espionage group that tends to target the telecommunications and travel industries with the specific aim of gaining access to personal identifiable information. Read More…

Charming Kitten — Iranian cyber espionage group that targets academic, human rights and media personalities, specifically focusing on email and Facebook as points of access. Read More…

CopyKittens — Iranian cyber espionage group that has previously targeted governments in the U.S., the Middle East and Europe. Read More…

Immediate Steps You Can Take

Whether or not you believe your organization is an imminent target, take this opportunity to review your processes, controls and procedures and ask some pointed security questions — including:

  1. Review and test your cyber incident response plan
  2. Ensure team members are aware of all cyber security policies and procedures — and feel empowered to report any suspicious activity (e.g. emails, etc.)
  3. Is all your software and firmware up to date?
  4. Have you backed up all sensitive and necessary information to an offline source?
  5. When was the last time you conducted a cyber maturity assessment?

MNP Can Help

You can never be too safe; especially in times of great uncertainty. No matter where you are in Canada, we have a national cyber security team member nearby ready to assist with any questions or concerns you might have.

For more information, contact:

National
Danny Timmins, CISSP
National, Cyber Security Leader
[email protected]
B.C.
Peter Guo, CPA, CA, CISA, ABCP, MBA
B.C. Leader, Enterprise Risk Services
[email protected] 		 Elizabeth Vannan
B.C. Leader, Technology Solutions
[email protected]
Alberta
Trac Bo, CPA, CA, CISA, CRISC, ABCP, CGEIT
Technology Risk Services Leader
[email protected] 
Saskatchewan
Sean Devin
National Leader, Technology Solutions
[email protected] 
Manitoba
Gustavo Meschler, CISA
Partner, Enterprise Risk Services
[email protected]

 Brian Beveridge, CMC
Partner, Technology Consulting Services
[email protected] 
Ontario
Eugene Ng, CISSP, PCI QSA, BCOMM
Eastern Canada Cyber Security Leader
E: [email protected] 		 Hash Qureshi, PA, CMA, CRISC, CISA, CISSP, CRMA, P.ENG, MSC
Partner, Enterprise Risk Services
[email protected] 
Quebec
Tom Beaupre, QSA, CISSP, CISA, BS
Quebec Cyber Security Leader
[email protected] 

Related Content

  • Progress
    May 10, 2021

    Becoming a Smart Community: How the City of Fort St. John is unlocking innovation through structural and cultural change

    A series of changes enabled Fort St. John to create a path to new, innovative solutions.

    Read more

  • Confidence
    March 31, 2021

    Planning for increased cyber risks to operational technologies

    As organizations adopt more and more technology, they need to be aware of the risks and threats that come along with the change. Our whitepaper outlines four key challenges and strategies for overcoming them.

    Read more

  • Confidence
    February 13, 2021

    Digital Forensics Tips for Successfully Executing an Anton Piller Order

    As our lives adopt more and more digital tools, lawyers are adapting their methods to meet the new realities. A major area of evolution is in civil search warrants, known as Anton Piller Orders (APOs).

    Read more

Insights

View all
  • Performance

    February 29, 2024

    Create a Long-term Practice Plan and Protect What You’ve Built

    Explore the three areas where SMARTPro can help you plan for the future.

    Read more

  • Progress

    February 29, 2024

    Purchasing a professional practice during a global pandemic

    Tips for navigating the changing world of professional practices from our experienced advisors.

    Read more

  • February 29, 2024

    Is your Credit Union Prepared for the Future

    Digitization and evolving membership preferences are dramatically changing the financial services space. In this first part of our whitepaper series, we focus on three.

    Read more