Enterprise-Grade Cybersecurity for Western Canadian Business
Layered defense, not theatre. EDR, MDR, email security, phishing training, dark web monitoring, MFA, and penetration testing. We assume breach and design from there.
North Star delivers managed cybersecurity for businesses in Prince George and across BC. We are a local managed security provider, not a faceless vendor, and we build defence the way modern attacks actually work: assume the perimeter will be tested, layer controls so one failure does not become a breach, and watch the environment continuously so something gets caught on day one rather than discovered months later.
That starts with endpoint detection and response (EDR) on every device, because antivirus alone misses the techniques attackers use today. We covered the difference in our guide on EDR vs antivirus. On top of that we enforce multi-factor authentication and tighten identity, the single highest-value control most BC businesses are still missing. Our MFA rollout guide walks through doing it without flooding the helpdesk. We run continuous dark web monitoring for leaked credentials, and our blog explains whether dark web monitoring is worth it for a small business.
People are still the most common way in, so we run quarterly phishing simulations and security awareness training with insurer-ready reporting. Before any of that, a fixed-scope security assessment or penetration test shows where you actually stand. And when something does happen, our incident response retainer means you already have a team and a plan instead of scrambling. If you do not have one yet, start from our incident response plan template.
This is built for small and mid-sized BC organisations, including those handling sensitive data or carrying cyber insurance obligations: professional services, trades and construction, forestry, non-profits, and local government across Prince George and Northern BC. Delivered through secure remote tooling with on-site support when needed, the same program serves clients in Alberta, Yukon, and Canada-wide remote teams. Cybersecurity is also available as part of our broader managed IT services.
Every cybersecurity workload, covered.
Pick the workstream you need help with. Each one is run by senior engineers with documented runbooks.
Find the gaps before attackers do.
External, internal, and web application penetration testing, or social engineering. Fixed scope, fixed price, written report you can hand to insurers and the board. Plus a remediation plan you can actually execute.
Learn more →Users that click less.
Quarterly phishing simulations against your real users, short role-based training when they fall for one, and reporting that shows trend lines instead of vanity metrics. Insurers ask for this. Most clients don't have it.
Learn more →Stolen credentials found before they're used.
Continuous monitoring of your domain across breach corpuses, paste sites, and dark web marketplaces. When something appears, we notify, reset, and investigate the root cause. Most clients have leaked credentials they don't know about.
Learn more →When something hits, you already have a team.
Pre-paid incident response retainer with documented run-books, guaranteed response times, and unused hours that roll into security work. Insurers prefer it. CFOs prefer it to billing surprises during a crisis.
Learn more →MFA that users don't sabotage.
Most failed MFA rollouts fail on user experience, not technology. We design the conditional access policies, app integrations, and recovery flows so the security is real and the friction is invisible. Microsoft 365 identity, Duo, or Okta.
Learn more →Cybersecurity Pricing
Transparent cybersecurity pricing.
Full security stack with 24/7 SOC, EDR, MDR, and SIEM. Founding prices lock in for clients signing before September 1, 2026 and hold for the life of the agreement. All prices CAD, per user, per month. GST 5% applies.
MSSP Advanced
$175/ user / month
EDR + MDR + 24/7 SOC + monthly threat hunting report. For SMBs that need defense without a full compliance program.
MSSP CIS-Aligned
$225/ user / month
MSSP Advanced + CIS Controls v8 implementation, SIEM with 90-day log retention, and quarterly evidence packs for cyber insurance.
Security Awareness Training
$8/ user / month
Phishing simulations, microlearning modules, dark web monitoring, and quarterly reporting. Add-on to any tier.
Penetration Test
$4,500+per network, one-time
External and internal network penetration test with remediation roadmap. Required for SOC 2 and ISO 27001 annual cycles.
All prices estimated and vary by project. Final pricing depends on user count, scope, on-site vs remote delivery, compliance requirements, hardware costs, third-party licensing, and travel. We issue a fixed-fee Statement of Work after the Free IT Assessment. See the complete price list for every billable service.
Want a real conversation about your IT?
Book a 30-minute scoping call. We'll look at what you have, what's hurting, and what's worth changing. No quote-or-die pressure.
Get a Free Assessment Contact usCybersecurity across BC, Alberta, and Yukon.
Pick your city for local pricing, response windows, and recent project notes.
Frequently asked questions
Do you provide cybersecurity services in Prince George?
Yes. North Star is based in Prince George, BC, so Prince George and Northern BC are our home market. We deliver the full security program locally, with continuous remote monitoring and on-site support when it is needed. The same program extends across BC and, through secure remote tooling, to businesses in Alberta, Yukon, and Canada-wide remote teams.
What is included in managed cybersecurity?
Our managed cybersecurity covers endpoint detection and response (EDR), multi-factor authentication and identity hardening, email security, dark web monitoring, phishing simulation and security awareness training, vulnerability management, and incident response. We start with an assessment so the controls match your actual risk rather than a generic checklist.
Will this help us meet cyber insurance requirements?
Usually, yes. Insurers increasingly require MFA, EDR, security awareness training, tested backups, and an incident response plan before they will write or renew a policy. We implement those controls and provide the evidence and reporting underwriters ask for. We can also map our controls to whatever framework or questionnaire your insurer or industry requires, so the exact standards we align to depend on your obligations and the coverage you are pursuing.
How do you respond when there is a security incident?
Our incident response service gives you a documented plan and a team on call before anything happens. When an alert fires, we move to contain the affected systems, investigate the root cause, and get you back to a known-good state, then report on what happened and what to change. If you do not have a plan yet, start from our incident response plan template.