How Diversity in Supplier Ecosystem Helps Mitigate Risks
Vishal Grover, apexanalytix, on Maintaining Business Continuity in Wake of Attacks
The recent CrowdStrike outage, affecting millions of Windows systems, served as a wake-up call for CIOs and technology leaders. The outage raised questions about infrastructure readiness to fight such black swan events, and called for diversifying vendor ecosystems, said Vishal Grover, CIO at apexanalytix.
To mitigate similar risks and protect against business losses, it is crucial to implement proactive third-party and software supply chain compliance measures. Organizations must also maintain 24/7 availability of BitLocker recovery keys, conduct regular disaster recovery testing and perform comprehensive third-party risk assessments for mitigating IT, cyber, compliance and financial risks.
"Following the basics can prevent enterprises from falling for such incidents. If we work on robust redundancies and resiliency and cover the entire software supply chain with a good risk assessment plan, we can prevent businesses from being affected so badly," Grover said.
In this video interview with Information Security Media Group, Grover also discussed:
- Importance of automating third-party risk assessments;
- The inclusion of Tier 2 and 3 suppliers for analyzing risk posture;
- Ensuring vendor diversity to mitigate risks.
Grover is responsible for establishing and maintaining a company-wide information security and risk management program. He has more than 20 years of experience across various disciplines including application development, database management, IT infrastructure and information security.