Risk of Insider Threats in Information Systems Outsourcing:

The risks involved in Information Technology Outsourcing has since long been known to affect business decisions of whether to outsource or not. This has lead to numerous research on topics such as: Understanding and Managing Outsourcing Risks, Methodologies to measure Outsourcing Risks, Risk Factors in Information Technology Outsourcing, Assessing the Risk of IT Outsourcing to name a few. But very little research has been conducted on the security aspect of Information Technology Outsourcing. This paper tries to bring the light on security risks in IT Outsourcing, more specifically risk of insider threats. It also tries to bring attention on the fact that security risks can be a lot more damaging and harmful than any other non security threats combined together. After giving a description of different type of security risks, the paper then elaborates on different deceptive and nondeceptive techniques that might be used to mitigate security threats in IT Outsourcing. Finally it is shown that if insider threats are not taken seriously, its consequences can be very damaging. Two recent cases of insider threats in IT Outsourcing have been stated to prove the latter.