The Critical Role of Data in FinTech Supplier Risk Management

Last week’s cyber outage, triggered by a standard CrowdStrike update, affected millions of Microsoft devices worldwide, severely impacting industries including healthcare, media, and aviation.

Second KYNDThe disruption is estimated to have a financial impact of between $5 million and $9 billion globally. This event highlights the critical need for organizations to actively understand and monitor the risks associated with third-party vendor buildups that could impact their portfolios.

CrowdStrike has fixed the bug; however, many devices may still take a long time to recover. This incident should serve as a critical warning to all organizations to rigorously review and test their business continuity and disaster recovery plans. Often, these plans are more theoretical than practical, with few including complete network failure scenarios that require manual device recovery.

The CrowdStrike incident has starkly highlighted the need for insurers and portfolio managers to take supplier hoarding risk more seriously. Companies like CrowdStrike are an integral part of day-to-day business operations, and their failures can send shockwaves throughout the global economy, impacting countless businesses.

Accumulation risk can manifest itself in various scenarios, such as dependence on a single supplier by many organizations, concentration of suppliers in specific geographies, or critical dependence on third-party services. It is essential to differentiate suppliers based on their operational importance to effectively manage potential risks.

To address these challenges, consider the following strategies:

1. Assess exposure to accumulation risks:Using detailed risk data from providers like KYND, you can identify specific risks related to vendors and service providers within your insured or investment portfolios.
2. Examine the criticality of prevailing suppliers and service providers: It is critical to identify which vendors are essential to maintaining critical functions within an organization or have privileged access to key infrastructure or data.
3. Conduct granular and customized deterministic scenario analyses: Develop custom scenarios to assess the impact of potential disruptions, considering the criticality of the affected vendors or service providers. This could include examining the effects of a disruption in a specific cloud data center or the disruption of a particular service for different durations.

Upon learning of the CrowdStrike outage on the morning of Friday the 19th, we promptly began assessing the level of exposure our clients were exposed to. By the end of the day, we had communicated this critical information to all of our underwriting and portfolio management clients. Our support will continue as they delve deeper into the intricacies of the incident.

At KYND, our clients in the insurance and financial services industries are increasingly looking for insights into their exposure to various providers and the associated accumulation events, especially in the wake of the CrowdStrike incident.

While such large-scale disruptions are rare, they highlight the interconnected risks within supply chains. To remain proactive, insurers and portfolio managers need accurate and reliable data to effectively identify and manage supplier concentration risks in their portfolios.

Stay up to date with all the latest news FinTech News Here.

Copyright © 2024 FinTech Global

Investors

The following investors were tagged in this article.

Source