C-Suite Research

Why (and when) outsourcing security makes sense

Offloading security strategy and day-to-day operations to a managed security service provider can free up IT resources. But be prepared: It’s not an entirely hands-off proposition.


Phenix Energy Group, an oil pipeline operator and construction company, is preparing to take its IT infrastructure from zero to 60 in a matter of months. To get a years-in-the-making pipeline project off the ground, the company is preparing to grow from a relatively small office environment to a data center setting of 75 servers and 250TB of storage. As a result, security, which hasn’t been a top priority, is suddenly a big deal, according to CIO and COO Bruce Perrin.

Given the high stakes — a downed system could cost about $1 million an hour — Perrin has spent the past five years researching options. While he’d prefer to run security in-house as part of an on-premises data center, Perrin is leaning toward outsourcing the function, at least initially, because he doesn’t have time to staff up a dedicated information security department in the few scant months before the pipeline goes online.

“This project is huge. No one person is capable of managing this kind of IT deployment in 90 days,” says Perrin, who’s evaluating IT security value-added resellers and managed security service providers (MSSP). “I don’t have an alternative to outsourcing — I need to bring someone in who can provide the security level we need and help us with the deployment, with the ultimate goal of moving everything to on-premises.”

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)