Guidelines for Choosing to Outsource Security Management
Source: CSO Online - Posted by Pax Dickinson   
Security Outsourcing security is not appropriate for every organization. Some organizations will be better served by deploying and running security management and monitoring solutions. Your organization should use Gartner's Decision Framework to determine whether it is a candidate for MSSP services. It is important to be clear about your organization's expectation of a security outsourcing engagement, and to structure a service-level agreement that reflects those expectations.

When your organization decides that it needs active monitoring and management of its security infrastructure, it must then make the build vs. buy decision. This Decision Framework defines the capability and cost aspects necessary for making informed decisions about whether sourcing the management of an IT security perimeter to a managed security services provider (MSSP) is right for your organization.

You must understand the scope and boundaries of a potential outsourcing arrangement and determine the internal resources that will be required to achieve the desired level of security capability. Sourcing decisions must be based on an analysis of required security capabilities, current operational capabilities and cost.

Read this full article at CSO Online

Only registered users can write comments.
Please login or register.

Powered by AkoComment!