Outsourcing Information Security

Our reviewer gives his opinion of the book Outsourcing Information Security.

Outsourcing Information Security
By C. Warren Axelrod
248 pages, $85
Artech House

Revew by Patrick Mueller

At first glance, Outsourcing Information Security appears to be like a well-heeled business consultant: confident, educated and promising. But dive in a little deeper, and you will quickly see that it's riddled with serious flaws.

The title itself is a misnomer: Outsourcing Information Security purports to address the information security issues associated with any IT outsourcing agreement--application development, help desk, etc. Yet, the author is actually attempting to bridge the two main concerns of outsourcing--the business decision and the security implication--with disappointing results. He fumbles security concepts, even those that aren't technical, which will undermine his credibility among security pros.

Outsourcing Information Security's sophomoric overview of security risks is average at best, and its discussions regarding the justification, risks, costs, benefits and evaluation of outsourcing are presented as largely autonomous from the infosecurity context. The intermediate chapters on the business decision process have some substance, but they're too little, too late. The advice ranges from useful (making sure the company you hire to assess an MSSP's security doesn't have hidden associations with it) to bizarre (providing executives, in certain situations, with bodyguards, armored cars and guarded housing).

That said, the book's combination of references and an annotated bibliography stand out as its only redeeming feature, though it certainly won't have universal appeal. Those looking for a quick overview will find them weighty and unnecessarily academic.

Outsourcing Information Security is simply too ramshackle. The reader is left hoping for an effective integration and synthesis of the security and outsourcing arenas that never materializes. If you're looking for solid advice on outsourcing, look elsewhere.

What do you think of this book? Scroll down and Sound Off, or read an excerpt.
This was last published in March 2005

Dig Deeper on Security vendor mergers and acquisitions



Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.








  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...