In Brief
Managed Security Services: Common Interests
Abbey National, one of the United Kingdom's largest retail banks, hasn't outsourced its information security to a managed security services provide. Not yet.
By Malcolm Wheatley
February 01, 2003 — CSO — Abbey National, one of the United Kingdom's largest retail banks, hasn't outsourced its information security to a managed security services provider—yet. But talk to Marcus Alldrick, the bank's head of group information security, and you'll realize that a lot of thought has gone into figuring out how it might be managed and monitored. Alldrick seems to be a firm believer in the merits of tightly specified service-level agreement metrics.
But when it comes to selecting a provider, he's far less concerned with its ability to pump out management reports than he is with its overall approach to business. "Information security is a business requirement, not a technical solution," he says. "It's very much about partnership."
And in selecting that partner, he warns, be under no illusions as to the downside. "Ultimately, you're looking for a strong assurance that this partner will protect your interests
Other stories by Malcolm Wheatley
$firstKeyword
Security Directions: A Virtual Conference
Available On Demand Sept. 30 - Dec. 30
Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.
Protecting PII: How to Work with IT to Manage Risk
Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.



