IT security to go offshore. Maybe
Nothing is sacred
Infosecurity Europe 2004 IT security - once the most closely-guarded IT function - could become the next candidate for offshoring.
As the security market has evolved, more companies have outsourced functions like security monitoring and response. Tight corporate budgets and a skills shortage of suitably qualified security professionals have accelerated this trend.
According to the Yankee Group, managed security services revenue is set to grow from $1.5bn in 2002 to $3.7bn in 2008.
Maria Cirino, a SVP at VeriSign and head of its managed security service business, explained that the market started with mid-range companies outsourcing the management of their security infrastructures has now developed to embrace larger corporates. A swathe of corporate governance regulations, such as Basel II banking regulations and the US Sarbanes-Oxley Act on accounting, recently came into force. Cirino reckons outsourcing security helps companies to comply these regulations.
Like most segments of the IT market, managed security service providers are beginning to consider using low-cost labour markets.
Although VeriSign wants to retain the most critical aspects of its service - such as security monitoring - Cirino said it would consider handing over responsibility for less critical functions (such as provisioning equipment) to sub-contractors in the third world. VeriSign - like other vendors - have made no firm plans. "The jury is out on offshoring. Within the next 18 to 36 we'll have an answer on whether the managed security market will embrace offshoring," Cirino told El Reg. ®