Business Continuity Management / Disaster Recovery , Finance & Banking , Geo Focus: Asia
Rethinking Vendor Dependence Before the Next IT Outage
United Overseas Bank's Gaurav Gupta on Holding Vendors Accountable for ResilienceIT concentration risk could pose major problems for financial institutions that rely heavily on one vendor for critical services. United Overseas Bank's Gaurav Gupta recommends CIOs hold vendors accountable for resilience and look for ways to diversify to ensure business continuity.
See Also: 2024 State Of Identity Security in Financial Services
Regulators will be scrutinizing the potential for operational disruption in light of the global IT outage in July caused by a faulty software update by security firm CrowdStrike, and they will be looking at reliance on cloud providers.
"If ... they are essentially critical vendors supporting an industry, supporting the financial stability of the country, the responsibility on [vendors] for providing certain kinds of resiliency increases," said Gupta, senior vice president and senior director of IT audit, IT regulatory management, at United Overseas Bank.
Demand for accountability will force vendors to enhance their resiliency capabilities and regularly test them to meet the expectations of both financial institutions and regulators, he said.
In this video interview with Information Security Media Group, Gupta discussed:
- Speaking with the board about vendor-related risk;
- Steps vendors are taking to win back confidence;
- Why the job of CIO is getting tougher.
Gaurav has over 22 years of international experience in information and cybersecurity. He currently works in a large supra-regional FI covering audit management and regulatory management, and he has responsibility for IT risk and third-party risk governance.