August 21, 2015 By Shane Schick 2 min read

Businesses know they need to stick with the things they’re really good at, which may be why security is one of the rising areas of IT outsourcing.

The latest report from market research firm Computer Economics showed that nearly 8 percent of technology budgets in large enterprises are being directed to IT outsourcing firms. While a lot of the work providers are doing involves managing cloud and software-as-a-service (SaaS) products, security was singled out among the competencies where corporations believe working with a third-party vendor will benefit their ability to serve customers.

This may be just good common sense. Obviously, there is more time and talent that can be devoted to supporting products and services when in-house staff aren’t busy trying to identify and fend off the latest cyberattack.

SC Magazine noted that other drivers for IT outsourcing include a desire to be more flexible as an organization, to do new things or to reduce spending in certain areas. Of course, most organizations cannot afford not to invest in security, but the report suggested they are constantly evaluating their options as business and market conditions — which includes security risks — change.

In fact, The Data Center Journal pointed out that 92 percent of companies find the costs of handing over things like disaster recovery are often the same as doing the same work themselves. The objective, however, is to make sure business isn’t disrupted and customers aren’t negatively impacted in the event of a distributed denial-of-service (DDoS) attack, network outage or other security breach. The Computer Economics research suggested that companies are showing more confidence in this area of IT outsourcing because the providers of such services have established a strong track record over the last few years.

Beyond pure IT outsourcing, managed security services are also expected to grow considerably over the next five years. IFSEC Global reported that cloud-based security services in particular would eventually account for a larger share of the overall market than those who provide the same services on a customer’s own premises. Either way, it looks as though the increasing challenge of keeping up with security threats and mitigating the worst risks is leading more organizations to conclude they just can’t do it alone.

More from

SoaPy: Stealthy enumeration of Active Directory environments through ADWS

10 min read - Introduction Over time, both targeted and large-scale enumeration of Active Directory (AD) environments have become increasingly detected due to modern defensive solutions. During our internship at X-Force Red this past summer, we noticed FalconForce’s SOAPHound was becoming popular for enumerating Active Directory environments. This tool brought a new perspective to Active Directory enumeration by performing collection via Active Directory Web Services (ADWS) instead of directly through Lightweight Directory Access Protocol (LDAP) as other AD enumeration tools had in the past.…

Smoltalk: RCE in open source agents

26 min read - Big shoutout to Hugging Face and the smolagents team for their cooperation and quick turnaround for a fix! Introduction Recently, I have been working on a side project to automate some pentest reconnaissance with AI agents. Just after I started this project, Hugging Face announced the release of smolagents, a lightweight framework for building AI agents that implements the methodology described in the ReAct paper, emphasizing reasoning through iterative decision-making. Interestingly, smolagents enables agents to reason and act by generating…

4 ways to bring cybersecurity into your community

4 min read - It’s easy to focus on technology when talking about cybersecurity. However, the best prevention measures rely on the education of those who use technology. Organizations training their employees is the first step. But the industry needs to expand the concept of a culture of cybersecurity and take it from where it currently stands as an organizational responsibility to a global perspective.When every person who uses technology — for work, personal use and school — views cybersecurity as their responsibility, it…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today