Iron Spear is a niche cyber security advisory firm committed to providing solutions to meet the needs of our clients whether they are looking for security compliance, control testing, or program development and operation. Our services focus on translating technical issues into real business risk and communicating these in a logical manner that relates to business. Our consulting practice has extensive experience in: - Security governance and risk management - Security frameworks and program development - Policies, standards and procedure development - Control assessments and cyber maturity assessments with industry benchmarking - OSFI compliance - Canadian Energy Regulator audits - NERC-CIP compliance and assessments - Identity and access management - Industrial control assessments and program developments - Subject matter expertise given to provincial auditor generals - User training and awareness, including phishing exercises - Business impact assessments - Incident response and threat management services - Incident response plan development and annual tabletop execution - Vulnerability, penetration and red team testing services - Threat hunting and threat intelligence - ISO 27001, COBIT, NIST alignment