Not My Problem?

The unthinkable is becoming thinkable. In an increasingly unsafe world where companies of all shapes and sizes are under constant attack from hackers and fraudsters, a new research note from TowerGroup (Needham, Mass.) suggests that the best answer may, in fact, be the outsourcing of security. The report encourages firms to forego the notion that security is too important to trust to a managed security service provider (MSSP) and research the logistics behind a security outsourcing agreement.

All parts of a security infrastructure are constantly moving, and trying to keep up with advances in threats, technology and even regulations can lead to a diverse collection of fractured and siloed solutions, according to TowerGroup. Outsourcing security allows the service provider to implement best-of-breed solutions with scalability and ensure compliance with the vast assortment of global, national, sector and industry security standards, the research and advisory firm says. In fact, the research notes that some MSSPs even offer guarantees against "known threats," offering greater assurance than in the past.

Additionally, internally funded and managed security involves extensive up-front investment, while a per-service or per-seat model offered by an MSSP can prove to be a better fit for an organization's budgeting priorities, TowerGroup points out. However, firms need to recognize that over time this model may become prohibitively costly, the report stresses, and in no way does outsourcing security absolve a firm in the event of a security breach. <<<