How does resilience manifest itself when it comes to alternative suppliers?
"You ned to think about the wose case scenario and whether you will need alternative suppliers. “
Marc Avery, CISO and founder of the Cyberchain Alliance, talks to Sooraj Shah about how supply chains need to have resilience built into them.
Marc Avery was a speaker at the very popular R3 cyber security conference, which ran from 15 to 24 September 2020. If you missed it, then it’s not too late: you can still watch on demand.
Specifically about alternative supplies, how does that manifest itself when it comes to resilience?
As mentioned, when designing services or updating services and considering impact, you really need to think about whether or not you can solely rely upon one supplier, or indeed whether or not the potential impact on your services from a major outage of one supplier would actually render you needing to have an alternative supplier.
The example there being if you purchase a cloud service from one major supplier and they have an outage, actually looking at their service-level agreements and commitment towards you as their customer, do you think that a four-hour as it is acceptable to your business? If it isn't, then you will need to think about the worst-case scenario and consider alternative suppliers when you design those services, when you implement them, and of course, when you maintain and continue to innovate on top of them as well.