"IT Security Outsourcing in Decline
Seventh Annual Global Information Security Survey: Companies that once outsourced many IT security controls have opted to do more in-house. A look at what caused the shift. (Third in a four-part series)
Some 7,200 business and technology executives worldwide responded from a variety of industries, including government, health care, financial services and retail.
A few years ago, technology analysts were predicting unlimited growth for managed security service providers (MSSPs). Many companies then viewed security as a foreign concept, but laws such asSarbanes-Oxley, the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (affecting financial services) were forcing them to address intrusion defense, patch management, encryption and log management. Convinced they couldn't do it on their own, companies chose outsourcers to do it for them. Gartner estimated the MSSP market in North America alone would reach $900 million in 2004 and that it would grow another 18 percent by 2008."