This article can also be found in the Premium Editorial Download "Information Security magazine: Special manager's guide: Monitoring identities."
Download it now to read this article plus other related content.
But someone has to handle vulnerability management. Giving it to an outsourcer seems like an easy solution, but enterprises need to first understand the gritty details.
The idea of outsourcing an especially difficult duty is pretty appealing. At home, who wouldn't happily "outsource" cleaning the bathroom, doing the laundry or taking out the trash? And, in the professional IT world, who wouldn't want to outsource the tough task of vulnerability management (VM)?
More information from SearchSecurity.com
Listen to our webcast with Burton Group senior analyst Diana Kelley and get smart shopper advice for choosing a vulnerability management service.
Visit our resource center for tips and expert advice on vulnerability management in the enterprise.
With the growing number of software patches, regulatory requirements, and increasing complexity of networks and threat models, managing network and system vulnerabilities has become an arduous chore for most enterprises.
Though it may appear that outsourcing VM is a no-brainer for many companies, outsourcing any security function is a far more complicated decision than sending your shirts to the cleaners. We'll take a look at what outsourcing VM means, and review the technical and non-technical considerations enterprises should sort through when assessing the benefits and costs associated with VM outsourcing.
This was first published in August 2006