Analysis

Don't be scared of outsourcing your security needs

Outsourcing can be a good thing - provided we avoid the stereotypes - claims Davey Winder...

My late father always told me that in order to be successful I should play to my strengths. He was talking about life skills, but his words stuck with me when it came to business as well.

Nearly 25 years ago when a career change was being forced upon me, I reflected upon what I was good at and it turned out that my skills were: writing, conversation and hacking. So I put these things to good use and became a security consultant and journalist. Given that the 'focus on what you know' advice is pretty much business 101 stuff, why is it then that so many organisations find it so hard to outsource their security needs?

Advertisement - Article continues below

New research from Computer Economics says that when it comes to outsourcing, only eight per cent of technology budgets within larger enterprises are earmarked for outsourcing. Even though the report suggests that security is on an upward outsourcing trend, being one area where the enterprise sees real third-party vendor value, it still leaves me feeling that most organisations are simply running scared of letting go.

There is an argument that outsourcing is seen as a money saving move, nothing more and nothing less. This perception of the outsourcing market - a perception held more by consumers than corporates it has to be said - is amplified when it comes to security. After all if you suffer a breach and customer data is impacted then everyone looks for the weaknesses in your security posture that allowed it to happen. The fact you outsourced your security needs to some cheap offshore outfit is not going to do your brand reputation much good. 

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

For a start, outsourcing your security needs does not automatically mean offshoring; one of the biggest cloud-based security outfits is based in Cardiff, for example. Not that it matters, especially when we are talking security-as-a-service, when it comes to cloud. Not only do we need to get over the whole outdated and arguably racist overseas call centre image of outsourcing, we need to stop confusing value with cheapness as well.

Get your security-as-a-service investment right and you may well be saving money courtesy of not having to employ or hire analysts for log monitoring and management, for threat research and investigation or find the capital expenditure and ongoing upkeep costs of in-house infrastructure. Outsourcing such things means it's all wrapped up in budgetable fixed fee. That is not the same as doing it on the cheap, that is delivering value to your enterprise and to your customers through improved security.

Advertisement - Article continues below

But it's not all about the money anyway; value isn't just measured in monetary terms. Improved security with better flexibility is a good thing, and even if it costs much the same as doing it less effectively in-house it still delivers value. It is also good practice. So stop avoiding the outsourcing option just because of bad experiences or unfair stereotypes. Anyone with an ounce of sense will realise that spending money where it makes a difference to the overall security posture of the enterprise is good, and throwing money at the security equivalent of treading water is bad.

Investing money in people that understand the security issues facing your organisation, and the processes required to mitigate those risks, is nothing to be scared of...

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/security/cyber-attacks/356417/trump-confirms-cyber-attacks-on-russia-election-trolls
cyber attacks

Trump confirms US cyber attack on Russia election trolls

13 Jul 2020