David Pearson, Co-Founder and CTO of Iceberg Networks discusses some more of the questions he’s hearing about enterprise business resiliency. The following is an edited transcript of the conversation.
Can you speak to the importance of reviewing your third-party suppliers’ resiliency plans as well?
If you look at the modern enterprise, it consists of the business that is your primary focus. But every modern enterprise today relies very heavily on third parties. It may be as simple as a business process that is outsourced or even just a supplier of something, but the modern enterprise consists of a number of third parties along with your own company.
If you look at your recovery plans (or crisis management plan), you may deal with the fact that you need a supplier to provide a product or service, but people are starting to realize that just because you may have a contract with a supplier to deliver that product or service during a crisis situation doesn’t necessarily mean they have the ability to deliver it. It starts to become really important to mesh your recovery plans with your partners’ recovery plans.
A great example of that Just in Time Manufacturing (JIT). The JIT world is very tightly coupled. A supplier of parts or sub-assemblies needs to deliver those sub-assemblies on a timely basis in order for the manufacturing flow of the receiving organization to carry on. You probably have a contract with that supplier to deliver those goods, but their ability to deliver in a crisis situation may be compromised. It’s important to not only plan alignment but also scenario alignment. It actually gets a bit worse when you start to look at the scenario alignment because that same contract supplier is probably also delivering services and products to other organizations. If the crisis situation ends up hitting a large part of the industry, or a large geographic area, it means the commitment to deliver your parts may in fact get pushed behind in their ability to deliver to somebody else’s parts.
Alignment of plans and alignment of scenarios becomes a very important function. It gets particularly bad when you get some of the crisis support services, the secondary facilities for people to work, secondary telecommunications or IT services where those services tend to get oversubscribed. A facility or organization offering some sort of back-up facility for your people to work, it only has so many thousand feet of available space. So when the crisis hits, that so many thousand square feet may in fact be committed to too many clients. The world is already kind of familiar with that problem, so they tend to bear a certain amount of risk that you may in fact not be able to count on one of these suppliers, but it really speaks to the need for planning, the need to extend your planning activities out into your supplier community.
The post Ask the Expert: Enterprise Business Resiliency, Part 2 appeared first on Iceberg Networks.
*** This is a Security Bloggers Network syndicated blog from Risk Intelligence Academy – Iceberg Networks authored by Meaghan O'brien. Read the original post at: https://icebergnetworks.com/ask-the-expert-enterprise-business-resiliency-part-2/?utm_source=rss&utm_medium=rss&utm_campaign=ask-the-expert-enterprise-business-resiliency-part-2