Solutions

Risk/Cyber Security

Align information security strategies with business goals that are consistent with defined levels of acceptable risk.

Strategic Security Solutions for Your Business

At Mercury Consulting, we believe in aligning information security strategies with your unique business goals, while ensuring they conform to defined levels of acceptable risk. Our Cyber Security / Risk Advisory Services offer a comprehensive approach to help you understand the holistic risks to your mission-critical information assets and address any gaps in your existing controls.

Client Testimonial: “I find Mercury to be quite knowledgeable in the area of information protection, security, and related standards, assessments, and certifications, in addition to overall IT. Mercury can make quick, precise work of an assessment project and present their findings thoroughly and in English. I would not hesitate to use Mercury on future projects as they may arise and to recommend them to others for the same.”

Our Consulting Services
We recognize the increasing responsibilities companies face in complying with industry regulations and customer requirements. Standards examiners and potential business partners favor organizations with a structured risk management approach and a proactive cyber security plan. Mercury collaborates with clients to seamlessly integrate security technology into existing business operations, providing immediate and measurable value.

Security Control Framework Assessments

Mercury will review and align your existing security policy and controls with the required controls framework, allowing you to demonstrate a standards-based approach to your business partners, investors, and stakeholders.

● ISO 27001 Assessment
● ISO 27002 Policy & Controls Alignment
● NIST 800-53 Assessment
● NIST Cyber Security Framework Assessment
● FISMA Assessment
● Trust Services Principles and Criteria (prior to SSAE 16 audit)
● Cloud Security Assessment

Security Policy & Procedure Development/Alignment

Mercury Consulting helps organizations ensure their Information Security policies and procedures are comprehensive and properly aligned to support their unique mix of legal, regulatory, contractual, and business requirements. We can develop or modify detailed Information Security procedures that support policy requirements, and align these procedures to a specific Security Control Framework so you can ensure that all required controls are supported by both procedure and policy-level documentation.

● Security Policy Development/Modification
● Security Procedure Development/Modification
● Security Policy Alignment to Security Control Framework (e.g., ISO 27002)
● Security Procedure Alignment to Security Control Framework (e.g., ISO 27002)

Unified Compliance Assessments

Mercury conducts a standards/policy based risk assessment to evaluate current state compliance or variance with desired state. The Mercury methodology includes review and analysis of client’s existing security program documentation in conjunction with interviews of various project stakeholders.

● HIPAA/HITRUST
● PCI
● SOX
● Privacy Laws

Security Testing Services

Mercury Consulting’s Security Testing Services will help you identify weaknesses in your perimeter systems and externally facing Web applications, and provide assurance to auditors and business partners that your security controls are effective.

● Security Controls Testing (e.g., HIPAA)
● Penetration Testing
● Vulnerability Scanning
● Application Security Testing
● Web Application Security Testing

Security Technology Services

Mercury Consulting’s Security Program provides a cost-effective way to develop, manage, and deliver security strategies, procedures, and technologies for managing security risk while providing compliance with legal, regulatory, and client contractual requirements for protecting sensitive information.

● Security Technology Deployment
● Security Technology Upgrade

Managed Security Services

Mercury Consulting utilizes best-of-breed methodologies and experienced staff to provide critical security services to facilitate on-going, effective, and secure management of business information.

● Managed SIEM
● Managed Firewalls
● Managed IDS/IPS
● Managed Remote Access
● Managed DLP
● Managed Endpoint

Schedule a Free Consultation

Partner with Us for Comprehensive IT

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Your benefits:
What happens next?
1

We Schedule a call at your convenience 

2

We do a discovery and consulting meeting 

3

We prepare a proposal 

Schedule a Free Consultation