Factors Influencing the Organizational Decision to Outsource IT Security: A Review and Research Agenda

• URL: http://arxiv.org/abs/2208.12875v1
• Date: Fri, 26 Aug 2022 21:57:23 GMT
• Title: Factors Influencing the Organizational Decision to Outsource IT Security: A Review and Research Agenda
• Authors: Antra Arshad, Atif Ahmad, Sean Maynard
• Abstract summary: Little is known about the factors influencing organizational decisions in outsourcing such a critical function. Our review of the research and practice literature identified several managerial factors and legal factors. We present a research agenda consisting of fifteen questions to address five key gaps relating to knowledge of IT security outsourcing.
• Score: 0.3093890460224435
• License: http://creativecommons.org/licenses/by-nc-nd/4.0/
• Abstract: IT security outsourcing is the process of contracting a third-party security service provider to perform, the full or partial IT security functions of an organization. Little is known about the factors influencing organizational decisions in outsourcing such a critical function. Our review of the research and practice literature identified several managerial factors and legal factors. We found research in IT security outsourcing to be immature and the focus areas not addressing the critical issues facing industry practice. We therefore present a research agenda consisting of fifteen questions to address five key gaps relating to knowledge of IT security outsourcing, specifically effectiveness of the outcome, lived experience of the practice, the temporal dimension, multi-stakeholder perspectives, and the impact on IT security practices, particularly agility in incident response.

Related papers

• FSCsec: Collaboration in Financial Sector Cybersecurity -- Exploring the Impact of Resource Sharing on IT Security [0.9374652839580183]
  This research aims to provide insights that can help financial institutions make better decisions to protect. By using simple theories to understand these factors, this research aims to provide insights that can help financial institutions make better decisions to protect.
  arXiv  Detail & Related papers  (2024-10-19T20:03:27Z)
• Alignment of Cybersecurity Incident Prioritisation with Incident Response Management Maturity Capabilities [0.0]
  This paper explores a possible utilisation of IR CMMs assessments to prioritise high-risk incidents. The findings reveal common weaknesses in incident response, such as inadequate training and poor communication. The analysis also emphasises the importance of organisational culture in enhancing incident response capabilities.
  arXiv  Detail & Related papers  (2024-10-03T07:05:47Z)
• Factory Operators' Perspectives on Cognitive Assistants for Knowledge Sharing: Challenges, Risks, and Impact on Work [51.78233291198334]
  This study investigates the real-world impact of deploying Cognitive Assistants (CAs) in factories. Our results indicate that while CAs have the potential to significantly improve efficiency through knowledge sharing, they also introduce concerns around workplace surveillance. Our findings stress the importance of addressing privacy, knowledge contribution burdens, and tensions between factory operators and their managers.
  arXiv  Detail & Related papers  (2024-09-30T11:08:27Z)
• Trust, but Verify: Evaluating Developer Behavior in Mitigating Security Vulnerabilities in Open-Source Software Projects [0.11999555634662631]
  This study investigates vulnerabilities in dependencies of sampled open-source software (OSS) projects. We have identified common issues in outdated or unmaintained dependencies, that pose significant security risks. Results suggest that reducing the number of direct dependencies and prioritizing well-established libraries with strong security records are effective strategies for enhancing the software security landscape.
  arXiv  Detail & Related papers  (2024-08-26T13:46:48Z)
• An Actionable Framework for Understanding and Improving Talent Retention as a Competitive Advantage in IT Organizations [44.342141516382284]
  This work presents an actionable framework for Talent Retention (TR) used in IT organizations. Our framework encompasses a set of factors, contextual characteristics, barriers, strategies, and coping mechanisms. Our findings indicated that software engineers can be differentiated from other professional groups.
  arXiv  Detail & Related papers  (2024-02-02T17:08:14Z)
• Service Level Agreements and Security SLA: A Comprehensive Survey [51.000851088730684]
  This survey paper identifies state of the art covering concepts, approaches, and open problems of SLA management. It contributes by carrying out a comprehensive review and covering the gap between the analyses proposed in existing surveys and the most recent literature on this topic. It proposes a novel classification criterium to organize the analysis based on SLA life cycle phases.
  arXiv  Detail & Related papers  (2024-01-31T12:33:41Z)
• Pitfalls in Effective Knowledge Management: Insights from an International Information Technology Organization [8.847473225998908]
  This study aims to identify hindering factors that prevent individuals from effectively sharing and managing knowledge. Several hindering factors were identified, grouped into personal social topics, organizational social topics, technical topics, environmental topics, and interrelated social and technical topics. The presented recommendations for mitigating these hindering factors are focused on improving employees' actions, such as offering training and guidelines to follow.
  arXiv  Detail & Related papers  (2023-04-16T09:45:08Z)
• AI for IT Operations (AIOps) on Cloud Platforms: Reviews, Opportunities and Challenges [60.56413461109281]
  Artificial Intelligence for IT operations (AIOps) aims to combine the power of AI with the big data generated by IT Operations processes. We discuss in depth the key types of data emitted by IT Operations activities, the scale and challenges in analyzing them, and where they can be helpful. We categorize the key AIOps tasks as - incident detection, failure prediction, root cause analysis and automated actions.
  arXiv  Detail & Related papers  (2023-04-10T15:38:12Z)
• Artificial Intelligence for IT Operations (AIOPS) Workshop White Paper [50.25428141435537]
  Artificial Intelligence for IT Operations (AIOps) is an emerging interdisciplinary field arising in the intersection between machine learning, big data, streaming analytics, and the management of IT operations. Main aim of the AIOPS workshop is to bring together researchers from both academia and industry to present their experiences, results, and work in progress in this field.
  arXiv  Detail & Related papers  (2021-01-15T10:43:10Z)
• Dos and Don'ts of Machine Learning in Computer Security [74.1816306998445]
  Despite great potential, machine learning in security is prone to subtle pitfalls that undermine its performance. We identify common pitfalls in the design, implementation, and evaluation of learning-based security systems. We propose actionable recommendations to support researchers in avoiding or mitigating the pitfalls where possible.
  arXiv  Detail & Related papers  (2020-10-19T13:09:31Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.