I agree with Tiger :

We outsourced our helpdesk functions not so long ago, went through a lengthy tender process and the company who won the tender, not necessarily lowest cost here folks, could not render the service effectively on any level. we recruited 310 IT Technician staff, brought in a helpdesk solution.

Point being made here, is that Security cannot be taken lightly. Placing ones trust in a company does make the circle ever bigger, like tiger says, the cost of recovery, due diligence etc could add up to a lot more than skilling ones own people for the job. i believe that the job of outsourcing a critical function should not be done. having a reputable thrid party pen testing and auditing etc, is always a good thing. making sure that one has the necessary internal processes inplace that accomodate and promote business continuity and the securing of the intellectual property thereof should be done by the bastions of the corporations.

The counter claim could be, one skills them up and they leave, then one is lost again, tis why internal controls are so important..... external factors, the ones i cannot control, such as my security company leaving with perhaps info pertaining to my business is a risk i would rather not take .....