Dangers of Outsourcing

Although there are constant reminders out there, many companies still don't seem to realize that while you can outsource IT functionality, you can't outsource security, much less responsibility for it. A recent Gartner Report shows that this is one of the vague areas in many outsourcing contracts.

Lawleaf, a web-based financial services company, outsourced its IT functions - obviously very critical to its operations - and suffered a massive SGL injection attack that compromised its systems and almost put it out of business. It makes an interesting case study, which is outlined at this site.