CISO Security Services

CISO Services2018-12-12T16:42:35+00:00

Let Us Own Your Security Problems

Top security resources are difficult to find, and even more difficult to retain. Consulting firms don’t understand your business, have limited face-time, and regularly change out resources … often giving your work to the most junior team members.

MRK believes in a different approach. A highly experienced, locally-based CISO becomes a member of your team. Less expensive and easier to retain than hiring top talent in-house, they are responsible for delivering on projects, moving the needle on security and being readily available to your team in times of crisis …not simply pointing the finger at where gaps lie.

Loading...

Decades of Security Experience, Integrated Into Your Team

With MRK you don’t just get recommendations and security product suggestions, you get direct access to the collective expertise and experience of our seasoned information security professionals. Our CISO’s have decades of real world expertise in the security industry. Unlike many other firms, we don’t utilize junior level staff consultants – only security veterans.

Relationships matter, which is why at MRK, we want to be part of your team. We get to know the members of the team we are working for and build relationships with those individuals. With many of our clients, there has been a relationship for multiple years – we even make house calls when needed.

Our cybersecurity experts work with you, hand in hand, to fully understand your business, your infrastructure, and your IT setup to create and support an information security practice that is ideal for your needs now and built to scale and grow with you.

CISO For Hire

Have you struggled to fill the CISO role in your organization?  Is it impossible to justify having one full-time? One of our CISO’s will become an ongoing part of your team responsible for developing security strategy, executing on projects, advising you on the latest security developments, and helping to mentor your team on security.

Threat Intelligence Program

Traditionally, security programs have tried to build walls to keep ANY attacker out. Today, it is far more efficient to identify the threats you actually face and focus efforts around responding to them.

MRK will help you develop an entire program tailored to the needs and resources of your organization. MRK will train your team on intelligence gathering, create Indicator of Compromise (IoC) triggers and develop Program Deliverables that can be implemented by MRK or by your own team.

Incident Response Tabletop

Is your team prepared for a data breach? If not, let us help.

MRK has helped clients to simulate large breaches through tabletop exercises. These efforts will involve players from within IT as well as key players in legal, corporate communications, and other areas likely to be involved in an actual response. Teams will be stretched past their comfort zone and learn a tremendous amount about how the organization will actually respond in the event of a large breach and how to prepare to handle it better.

Security Operations Assessment

MRK developed the Security Operations Assessment for organizations that have purchased one or more security tools without fully developing or documenting the process to use them. The exercise takes an enterprise-wide review of security operations, including security tools, operational procedures and baseline security operations posture. Our CISO team will recommend improvements, including standard operating procedures, security and monitoring tools, and everything needed for successful implementation.

Risk Assessment

Our CISO team will take an enterprise-wide look at your security practices and provide a strategic assessment and scorecard of how you stack up. In addition to the assessment you’ll receive a heatmap of identified risks and a complete security plan prepared by our team working alongside yours. This planning process is highly collaborative and will provide actionable project plans that account for your budget and other demands of your team members

Customized Solution

The offerings above are only a small sample of the numerous ways MRK has worked with its clients to solve unique security problems.  If you have something unusual, something that doesn’t seem to fit a cookie-cutter consulting engagement, or simply a problem that you’ve not been able to solve … our team would love to help. With decades of experience in security, there are few problems that we haven’t faced.

Examples include:

  • Developing security strategies for OT and production control networks
  • Creating intellectual capital your sales team can use to capture new business by stressing security competency
  • Ensuring a process is in place to secure cloud applications and services across your organization
  • Responding to third party audit requests and managing risk to your organization through careful responses
  • Training and mentoring new security staff through regular, on-site collaborative sessions
  • Preparation for third party audits such as SSAE16/SOC2, ISO 27001 and PCI

Customer Spotlight

 

We don’t have a lot of vendors (VARs) here at Hahn Loeser, because there are very few of them that can step up to the high demands that a law firm requires. For over 10 years MRK has consistently exceeded our demands and expectations. They understand what it means to support the customer, and they have proven that on several occasions with Hahn Loeser. The sign of a good vendor, or any company, is not how they treat you when everything goes right, it’s how they treat you when something goes wrong. Rather than just hoping the issue goes away, the MRK team supports us, the customer, and have fought the software / hardware providers on our behalf. This is why we continue to do business with MRK.

Joe Budz
Hahn Loeser & Parks

Our Partners

Let’s Chat