The real cost of cheap penetration testing
In today’s world, keeping information safe from cyber threats is a top priority for businesses big and small. Penetration testing helps uncover potential weaknesses in online defences and is a really effective way to check vulnerabilities in our systems. As with any effective tool to help business, penetration testing has become a commodified service offered […]
Common vulnerabilities uncovered in network security testing
Whether they be SMBs, large enterprises, or government entities, Australian organisations rely on networks to maintain operations and serve customers. This reliance on networks has also created ample opportunities for experienced and opportunistic threat actors to steal data and cause disruption to businesses that we all need. In FY2023, the Australian Signals Directorate (ASD) responded […]
Why your business needs a cybersecurity roadmap
A cyber security strategy roadmap is your organisation’s strategic guide for managing and strengthening the cyber security posture. It aligns cyber security initiatives with the company’s technology and strategic goals to ensure security initiatives meet current and future needs. A cyber security roadmap involves: Why do we recommend a roadmap as the first step to […]
3 ways cybersecurity policies improve your company’s defences
Approaching cybersecurity with discipline elevates confidence in your organisation, both externally and internally. Having discipline in your cybersecurity approach means aligning what you’re supposed to do (compliance) at the level you’re asked to do it (regulations), with a mindset that understands how things could go wrong (risk assessments) and with your unique way of completing […]
Mercury Set to Unveil industry-leading Research Services at IndoPac 2023
Introduction Mercury Information Security Services Pty Ltd (Mercury), an established leader in cybersecurity services and consulting in Australia, is proud to announce the launch of its Research Services on the 1st November 2023. This new offering represents a significant milestone for the company, reflecting its sustained effort over the past 18 months to refine a […]
Why must your organisation prioritise regular cybersecurity audits?
Proactivity should be the core of your cybersecurity strategy. There is little point in reacting, discovering and patching vulnerabilities after experiencing a cyber event when you have already lost trust, time, money, employees and customers. You need a structure in place for understanding and covering the gaps now to minimise an attack’s impact on your […]
Why your cybersecurity governance strategy must cover third-party risks
Your business relies on an ecosystem of third-party organisations to meet various requirements, from manufacturing to internal IT processes. You would likely struggle to survive without these partnerships; smaller businesses often do not have the resources to bring some functions in-house, and third-party suppliers greatly contribute to the business’ success. Even for larger organisations, bringing […]
Mercury’s Shirt for BSides: An Homage to Florence Violet McKenzie
Working in cyber security, we are all about black t-shirts. Whilst I have been accused of having some fashion sense, I also own some 60 black shirts and 3 hoodies collected over the years from conferences, colleagues and memes that have spread over the years. I thought it was about time Mercury made one to […]
Security Architecture, Governance & Engineering (SAGE): A look into our approach to cybersecurity
Between July and December 2022, the Office of the Australian Information Commissioner (OAIC) received 350 reports of malicious attacks, an increase of 41% from the previous six months. As cyber security threats become more sophisticated, so must your approach to preventing them. Good cyber security is no longer about simply keeping threat actors out; you […]
AFS Licensees: Are you meeting your cybersecurity obligations?
Australian Financial Services (AFS) licensees are attractive targets for an array of threat actors, from insider threats to cyber criminals, because they hold the promise of incredibly sensitive data and great monetary gain. As such, AFS licensees should operate under the assumption that cyber attacks are inevitable events that could impact the business at any […]