Would outsourcing your security make sense from a financial and resource perspective?

Security & GRCOutsourcing & Managed Services
15.9k views1 Upvote6 Comments
CIO in Software, 201 - 500 employees
Yes
4 2 Replies
Chief Technology Officer in Services (non-Government), 501 - 1,000 employees

It's what we've done.

CIO & Director : Enterprise Operations Services in Software, 10,001+ employees

Indeed it does, since it is impossible for a single organization to have every type of skill, nurtured talent and sometimes keeping it within would mean ignoring ….its like reducing the risk and if somebody who is ready to take your risk will be vigilant to ensure that there are least security breaches.

Founder/CTO in Hardware, 11 - 50 employees
I would say it depends. Clearly, you have to have an outside agency do audit's if that is needed as part of your business ie. SSA16, BASEL 3, etc. I think for small and mid-size company it does make sense since it is hard to hire and retrain skills in the security and auditing space. The key is to understand what are your requirements, what are the risks and can the provider meet your needs.
CIO in Finance (non-banking), 51 - 200 employees
You have to look at which aspect of the security you are describing. For example, a small firm will have a tough time running a security operations center so it makes sense to look for help on that. But there are at least 100 different aspects of cybersecurity under the NIST matrix and a lot of those things are not things that you will want to outsource.
1 Reply
VP of Global IT and Cybersecurity in Manufacturing, 501 - 1,000 employees

For small and midsize enterprises I makes sense. As others have indicated, its important to understand your requirements, what/where are the specifics risks can you manage them cost/human effectively with an internal team.

1

Content you might like

If you had a magic wand - what's the #1 daily business challenge you'd eliminate?

People & LeadershipStrategy & ArchitectureCloud+57 more
CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
142 19 Replies
Read More Comments
40.6k views131 Upvotes319 Comments

If your cybersecurity spend is increasing, how much is it increasing by?

Security & GRCFinancial Management

Less than or equal to 5%33%

Between 6% and 10%56%

Between 11% and 15%6%

Greater than 16%3%


636 PARTICIPANTS
1.9k views

What headline-trend or buzzword makes you cringe the most?

People & LeadershipStrategy & ArchitectureCloud+32 more

Big Data21%

Remote Work17%

Microservices / Containerization11%

CI / CD5%

Zero-Trust15%

Automation2%

Digital Transformation16%

Cloud / Cloud Native1%

DevOps or DevSecOps6%

Other (comment)1%


1005 PARTICIPANTS
2.6k views5 Upvotes16 Comments

Does the risk of Ransomware and malware propagation bother you? Is IoT security a top of mind for you? To protect against many risks, we have witnessed success of micro-segmentation in the data center. Would you be willing to deploy similar solution for the campus? I am very curious to get your feedback?

Security & GRCThreat & Vulnerability Management
Read More Comments
2.5k views5 Upvotes5 Comments

How do you go about convincing your leadership/board to increase investment in security specifically for web apps? What's been effective, in your experience, for communicating why web application security is important?

Security & GRCSecurity Strategy & RoadmapThreat & Vulnerability Management+1 more
Read More Comments
1.2k views2 Comments