Throughout the beginning of December, a major web service and retail provider (that now controls 33% of the cloud infrastructure market) experienced an outage that hampered operations across its business and third parties in the peak of the holiday purchasing season, postponing gift and food deliveries across the whole of the United States and taking down web services for major companies using the platform. National news coverage outlined a number of ways that the outages had an effect on businesses, however, the main cybersecurity implication focuses on the impact that a third-party web hosting outage can have on your business resilience strategy and security posture.
So, what can you do to stand up a business resiliency plan that reduces the impact a third-party disruption could have on your business?
What is business resilience and how does it relate to third-party risk management?
Business resiliency, also referred to as business continuity, is the ability of an organization to react to, and continue efficient and secure operation through an incident of any size. The impact that a major web service outage can have on both your organization and your third parties is significant, even if you don’t directly use the service experiencing the outage. Some of the ways you can be impacted are:
Implementing a business resiliency plan that enables your organization to switch web hosting providers quickly or turn on a backup to keep applications online, filling any gaps in service and ensuring critical protective systems continue to do their jobs. Business resilience that takes third-party implications into account and is key in standing up a solution that holistically addresses the security concerns that come with potential outages.
Create a TPRM-informed business resilience strategy
When treating third-party risk management (TPRM) as a key consideration of your organization’s business resilience strategy, do the following:
How can OneTrust help with TPRM and business resiliency?
The OneTrust platform leverages expertise in GRC, specializing in Third-Party Risk Management, Privacy, Incident Management and many other categories to deliver an immersive security and privacy management experience. Reduce your vendor, supplier, and third-party risks with OneTrust Vendorpedia™ Third-Party Risk Management Software and Exchange Community. The software allows you to gain visibility into your vendor ecosystem through streamlining the onboarding and questionnaire processes, allowing you to access and organize vendor information in a way that empowers your business to create a TPRM informed business resilience strategy. The software enables your organization to reduce business resiliency risks, assess vendors business resilience plans, and increase transparent information sharing and collaboration across your third parties with the Vendorpedia exchange community.
Follow OneTrust on LinkedIn, Twitter, or YouTube for the latest on digital transformation.