As last summer's virus attacks vividly demonstrated, companies of every size are finding themselves hard pressed to maintain around-the-clock network security. Arriving nearly simultaneously, the Blaster, Welchia, and Sobig.F worms invaded hundreds of thousands of corporate computers, resulting in billions of dollars of damages and lost productivity. In this new atmosphere, where crippling attacks arrive almost immediately after vulnerabilities are announced, how can enterprises maximize their IT investments and successfully manage security? They can tackle the job with their in-house IT staff, of course, or they can outsource the task to a managed security services provider (MSSP). This article will look at certain key issues for determining when outsourcing security is the best approach to take. . . .
As last summer's virus attacks vividly demonstrated, companies of every size are finding themselves hard pressed to maintain around-the-clock network security. Arriving nearly simultaneously, the Blaster, Welchia, and Sobig.F worms invaded hundreds of thousands of corporate computers, resulting in billions of dollars of damages and lost productivity. In this new atmosphere, where crippling attacks arrive almost immediately after vulnerabilities are announced, how can enterprises maximize their IT investments and successfully manage security? They can tackle the job with their in-house IT staff, of course, or they can outsource the task to a managed security services provider (MSSP). This article will look at certain key issues for determining when outsourcing security is the best approach to take.

One thing the viruses mentioned above made clear is that the changing nature of cyber attacks has turned security into something of a moving target for enterprise operations. Constantly evolving threats relentlessly expose gaps in these companies' security systems. And that has produced a singular dilemma.

According to research and advisory firm Gartner Inc., at most companies, the staff responsible for IT security functions is also responsible for other activities and spends most of its time on non-security projects. For any resource-constrained organization, the added responsibility of managing security is often just too taxing. Gartner has concluded that in-house teams struggle to understand and defend against the latest security threats because this requires constant system monitoring - something that few businesses can afford.

The link for this article located at net-security.org is no longer available.