Risk/Cyber Security
Align information security strategies with business goals that are consistent with defined levels of acceptable risk.
Strategic Security Solutions for Your Business
At Mercury Consulting, we believe in aligning information security strategies with your unique business goals, while ensuring they conform to defined levels of acceptable risk. Our Cyber Security / Risk Advisory Services offer a comprehensive approach to help you understand the holistic risks to your mission-critical information assets and address any gaps in your existing controls.
Client Testimonial: “I find Mercury to be quite knowledgeable in the area of information protection, security, and related standards, assessments, and certifications, in addition to overall IT. Mercury can make quick, precise work of an assessment project and present their findings thoroughly and in English. I would not hesitate to use Mercury on future projects as they may arise and to recommend them to others for the same.”
Our Consulting Services
We recognize the increasing responsibilities companies face in complying with industry regulations and customer requirements. Standards examiners and potential business partners favor organizations with a structured risk management approach and a proactive cyber security plan. Mercury collaborates with clients to seamlessly integrate security technology into existing business operations, providing immediate and measurable value.
Security Control Framework Assessments
Mercury will review and align your existing security policy and controls with the required controls framework, allowing you to demonstrate a standards-based approach to your business partners, investors, and stakeholders.
● ISO 27001 Assessment
● ISO 27002 Policy & Controls Alignment
● NIST 800-53 Assessment
● NIST Cyber Security Framework Assessment
● FISMA Assessment
● Trust Services Principles and Criteria (prior to SSAE 16 audit)
● Cloud Security Assessment
Security Policy & Procedure Development/Alignment
Mercury Consulting helps organizations ensure their Information Security policies and procedures are comprehensive and properly aligned to support their unique mix of legal, regulatory, contractual, and business requirements. We can develop or modify detailed Information Security procedures that support policy requirements, and align these procedures to a specific Security Control Framework so you can ensure that all required controls are supported by both procedure and policy-level documentation.
● Security Policy Development/Modification
● Security Procedure Development/Modification
● Security Policy Alignment to Security Control Framework (e.g., ISO 27002)
● Security Procedure Alignment to Security Control Framework (e.g., ISO 27002)
Unified Compliance Assessments
Mercury conducts a standards/policy based risk assessment to evaluate current state compliance or variance with desired state. The Mercury methodology includes review and analysis of client’s existing security program documentation in conjunction with interviews of various project stakeholders.
● HIPAA/HITRUST
● PCI
● SOX
● Privacy Laws
Security Testing Services
Mercury Consulting’s Security Testing Services will help you identify weaknesses in your perimeter systems and externally facing Web applications, and provide assurance to auditors and business partners that your security controls are effective.
● Security Controls Testing (e.g., HIPAA)
● Penetration Testing
● Vulnerability Scanning
● Application Security Testing
● Web Application Security Testing
Security Technology Services
Mercury Consulting’s Security Program provides a cost-effective way to develop, manage, and deliver security strategies, procedures, and technologies for managing security risk while providing compliance with legal, regulatory, and client contractual requirements for protecting sensitive information.
● Security Technology Deployment
● Security Technology Upgrade
Managed Security Services
Mercury Consulting utilizes best-of-breed methodologies and experienced staff to provide critical security services to facilitate on-going, effective, and secure management of business information.
● Managed SIEM
● Managed Firewalls
● Managed IDS/IPS
● Managed Remote Access
● Managed DLP
● Managed Endpoint
Schedule a Free Consultation
Partner with Us for Comprehensive IT
We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.
Your benefits:
- Client-oriented
- Independent
- Competent
- Results-driven
- Problem-solving
- Transparent
What happens next?
1
We Schedule a call at your convenience
2
We do a discovery and consulting meeting
3
We prepare a proposal