Well,

My experiences of outsourcing have been very mixed. Let's face it., most Boards Of Directors, CEOs, CFOs, and the like know little or nothing about IT in general and security in particular (I won't mention "networking"..........they would think you were proposing a fishing expedition in a trawler )

You can successfully outsource hardware support, and even applications support. I have seen numerous instances of this. I do NOT believe that you can outsource core activities such as security, business analysis and so forth. That needs to be done by your "men on the ground" or "field agents".............they understand the "business" and the personalities and the BUDGETS

The main (generic) problem with outsourcing is that IT spend becomes a direct cost, rather than an indirect overhead. Someone has to manage the budget for that spend............so you end up getting less, either through dilution (as already mentioned) or just plain diminution.

My main objection is that if you want to be sure that you are getting a proper job and the best "bang per buck" you are going to have to employ competent people to oversee or undertake the governance of the service provision..............these guys are the major part of your costs.

Someone mentioned HR (Human Remains?)............. .........but from that standpoint, if you outsource security, you lose control of the personnel involved, and that cannot be a good idea.

just my thoughts