Abstract
The dramatic progress in information technology has been followed by a remarkable increase in information security risks. Therefore, companies and organizations especially in developed countries have resorted to security consultant firms to secure their information systems and to help them build an effective security strategy. However, the situation is somewhat different in developing countries. Companies and organizations in developing countries tend to rely on their internal staff to handle the security issues instead of hiring IT security consultants. The purpose of this study is to examine the factors that hinder Malaysian companies and organizations from hiring information security consultants. Moreover, the study aims to investigate the implications and information security risks that these companies and organizations face. Questionnaires are administered and interviews were conducted amongst Ten Malaysian Companies and organizations from different sectors. The results of this study revealed that 70% of the companies and organizations do not have security consultants compared to 30% of the companies and organizations which hired security consultant firms to handle the critical information security issues.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
