Chris Borkenhagen, CIO, answered on 2018-08-16T15:24:11.565Z, 9 months ago
Pat Reynolds, CIO/CTO, answered on 2018-10-11T02:40:39.428Z, 7 months ago
I would say it depends. Clearly, you have to have an outside agency do audit's if that is needed as part of your business ie. SSA16, BASEL 3, etc. I think for small and mid-size company it does make sense since it is hard to hire and retrain skills in the security and auditing space. The key is to understand what are your requirements, what are the risks and can the provider meet your needs.
Forrest Richardson, CIO, answered on 2018-10-18T22:36:41.873Z, 7 months ago
You have to look at which aspect of the security you are describing. For example, a small firm will have a tough time running a security operations center so it makes sense to look for help on that. But there are at least 100 different aspects of cybersecurity under the NIST matrix and a lot of those things are not things that you will want to outsource.
GET THE MOST OUT OF PULSE
Would outsourcing your security make sense from a financial and resource perspective? - Pulse Q&A