Fastly Web Outage: Why Third-Party Business Resilience Is Important

Mitratech Staff |

Fastly, a content delivery network service widely used by web publishers, experienced an outage on June 8, 2021 that had global consequences with major news sites, Amazon, and even the United Kingdom’s government websites impacted. Although not cybersecurity related, this outage still provides an example of why organizations that rely on third parties to deliver critical services should continually assess the business resilience practices of those suppliers.

Critical Elements of a Third-Party Business Resilience Plan

At a minimum, a third-party business resilience questionnaire should assess:

  • Continuity of operations – Ensuring that an organization’s mission-critical functions can continue to be performed during a wide range of emergencies.
  • Crisis communications – Raising awareness of a specific type of threat, its magnitude, potential outcomes, and specific behaviors to reduce the threat.
  • Critical infrastructure protection – Protecting services critical for the company to function.
  • Information system contingencies – Planning for restoration of services after a disruption.
  • Incident response and management – Identifying, eliminating, and recovering from cybersecurity threats.
  • Disaster recovery – Recovering and protecting a business IT infrastructure.

10 Business Resilience Questions to Ask All Critical Services Suppliers

To determine a baseline of business resilience practices, Prevalent recommends that organizations require all their critical suppliers to answer the following 10 questions. These questions are meant to be a starting point; the answers should dictate next steps and vulnerable parts of the vendor’s business resilience plan should be addressed immediately.

Next Steps

A critical supplier’s or 4th party’s outage can have a domino effect on your own organization’s ability to deliver products and services, with revenue, customer satisfaction and more at risk. Get started assessing your critical third parties’ processes for responding to crises with our free business resilience resources or contact us for a strategy session.

Editor’s Note: This post was originally published on Prevalent.net. In October 2024, Mitratech acquired the AI-enabled third-party risk management, Prevalent. The content has since been updated to include information aligned with our product offerings, regulatory changes, and compliance.