All the latest UK technology news, reviews and analysis
|
|
|
27 May 2010
A growing number of chief information officers (CIOs) are considering bringing security and IT management applications back in-house owing to concerns over security and compliance, according to an Ovum report.
The analyst firm's global survey of more than 500 CIOs found that only seven per cent are considering outsourcing IT security over the next two years, down from 18 per cent.
Rhonda Ascierto, a senior analyst at Ovum, believes that the planned reduction in IT security outsourcing is particularly noticeable.
"The main reason for this shift away from IT security outsourcing is most likely a lack of confidence," she said.
"Organisations are now more subject to compliance considerations in the form of external and internal policy-driven requirements, particularly in the wake of the US banking controversies and other financial scandals."
Ascierto added that some CIOs may also prefer security to be managed in-house because they may find it difficult to obtain a measurable security metric from an outsourcing provider, owing to security events often being reported only " after negative security occurrences".
"The reversal of outsourcing security is also likely to be due to some organisations grappling for more control over their IT operations, of which security is a central aspect," she said.
Latest stories from Outsourcing
Related videos
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
IT Support Analyst - Active Directory, Windows 7, MS...
Helpdesk / Desktop Support Analyst (Windows 7, MAC, Windows...
Infrastructure / Server Support Analyst - 3rd Line, Windows...
Credit Risk Modeller, SAS, London, £50,000 Title- Credit...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Should companies really consider security as a service to be outsourcing?
Ovum?s latest report on CIOs looking to cut security outsourcing raises an interesting question ? should companies really consider security as a service to be outsourcing? A lot of our customers choose security as a service because they want to retain the ability to manage their security policies in a flexible and scalable manner, which is the fundamental difference from traditional security outsourcing. The web-based nature of Software as a Service (SaaS) enables far greater control over their policy and protection, allowing organisations to make changes to policies and boundaries in real time, from anywhere. This flexibility is particularly important as more and more employees are using mobile devices to access company networks and the Internet. Measurement of SaaS security?s effectiveness and availability is provided through contractual Service Level Agreement (SLA), so again this is different from the old outsourcing model where users often find it difficult to obtain a measurement security metric from an outsourcing partner. Finally, the landscape of malware and Web threats changes every day, if not every hour, and organisations are going to struggle keeping up with these constant and rapid changes without dedicated investment if security is not in the core of their business. Whilst I understand why some CIOs might want to bring security back within their own organisations, I would strongly advise them to look at security as a service as an alternative and in many cases, more effective mode of operation.
Posted by: Mark Tickle, managing director, EMEA, Webroot 28 May 2010