A Journey in Organizational Resilience: Supply Chain and Third Parties


The next stop on our journey focuses on those that you rely on: supply chains and third parties. Working with external partners can be difficult. But there is a silver lining. Recent attacks have resulted in an industry wake-up call when it comes to cybersecurity resilience.


You see, the purpose of using external partners is to take advantage of a capability that your organization did not have, or that the vendor was simply better at than you. In turn, there was an offering or efficiency incentive where, in exchange, your organization could operate more productively. Call it the trade-off.


It’s no different than any sports team looking to make a trade. When an organization is looking to partner with an external group, it will perform:


Risk analyses
Cost/benefit studies
Return on investment assessments.

In essence, the organization goes through a process to determine whether it will give up something of value today in return for some future benefit (e.g., contractually and confidentially sharing your intellectual property in exchange for some better performance). Call it the business case.


For many organizations, this arrangement has generally worked well for some time. However, cracks are beginning to show. Therefore, it is worth asking: is the risk worth the reward?


Inheriting the Vendor’s Cybersecurity Resilience Vulnerabilities


Working with external partners has become a riskier business. That is not to say organizations should cease these partnerships. Candidly, without external partners, it is quite possible most organizations would not be able to run, especially if they are heavily reliant on services and platforms (think ‘as-a-service’ models). Th ..
