Decades of Security Experience, Integrated Into Your Team
With MRK you don’t just get recommendations and security product suggestions, you get direct access to the collective expertise and experience of our seasoned information security professionals. Our CISO’s have decades of real world expertise in the security industry. Unlike many other firms, we don’t utilize junior level staff consultants – only security veterans.
Relationships matter, which is why at MRK, we want to be part of your team. We get to know the members of the team we are working for and build relationships with those individuals. With many of our clients, there has been a relationship for multiple years – we even make house calls when needed.
Our cybersecurity experts work with you, hand in hand, to fully understand your business, your infrastructure, and your IT setup to create and support an information security practice that is ideal for your needs now and built to scale and grow with you.
Our Service Offerings
The majority of MRK’s business is unique and customized to fit each client’s specific requirements; however, below are representative engagements that we commonly perform for our clients:
CISO For Hire
Have you struggled to fill the CISO role in your organization? Is it impossible to justify having one full-time? One of our CISOs will become an ongoing part of your team responsible for developing security strategy, executing on projects, advising you on the latest security developments, and helping to mentor your team on security.
Threat Intelligence Program
Traditionally, security programs have tried to build walls to keep ANY attacker out. Today, it is far more efficient to identify the threats you actually face and focus efforts around responding to them.
MRK will help you develop an entire program tailored to the needs and resources of your organization. MRK will train your team on intelligence gathering, create Indicator of Compromise (IoC) triggers and develop Program Deliverables that can be implemented by MRK or by your own team.
Incident Response Tabletop
Is your team prepared for a data breach? If not, let us help.
MRK has helped clients to simulate large breaches through tabletop exercises. These efforts will involve players from within IT as well as key players in legal, corporate communications, and other areas likely to be involved in an actual response. Teams will be stretched past their comfort zone and learn a tremendous amount about how the organization will actually respond in the event of a large breach and how to prepare to handle it better.
Security Operations Assessment
MRK developed the Security Operations Assessment for organizations that have purchased one or more security tools without fully developing or documenting the process to use them. The exercise takes an enterprise-wide review of security operations, including security tools, operational procedures and baseline security operations posture. Our CISO team will recommend improvements, including standard operating procedures, security and monitoring tools, and everything needed for successful implementation.
Our CISO team will take an enterprise-wide look at your security practices and provide a strategic assessment and scorecard of how you stack up. In addition to the assessment you’ll receive a heatmap of identified risks and a complete security plan prepared by our team working alongside yours. This planning process is highly collaborative and will provide actionable project plans that account for your budget and other demands of your team members
The offerings above are only a small sample of the numerous ways MRK has worked with its clients to solve unique security problems. If you have something unusual, something that doesn’t seem to fit a cookie-cutter consulting engagement, or simply a problem that you’ve not been able to solve … our team would love to help. With decades of experience in security, there are few problems that we haven’t faced.
- Developing security strategies for OT and production control networks
- Creating intellectual capital your sales team can use to capture new business by stressing security competency
- Ensuring a process is in place to secure cloud applications and services across your organization
- Responding to third party audit requests and managing risk to your organization through careful responses
- Training and mentoring new security staff through regular, on-site collaborative sessions
- Preparation for third party audits such as SSAE16/SOC2, ISO 27001 and PCI