Which of the following is the GREATEST risk associated with hidden interdependencies between cloud services?

Which of the following is the GREATEST risk associated with hidden interdependencies between cloud services?
A . The IT department does not clearly articulate the cloud to the organization.
B . There is a lack of visibility over the cloud service providers’ supply chain.
C . Customers do not understand cloud technologies in enough detail.
D . Cloud services are very complicated.

View Answer

Answer: B

Explanation:

The greatest risk associated with hidden interdependencies between cloud services is the lack of visibility over the cloud service providers’ supply chain. Hidden interdependencies are the complex and often unknown relationships and dependencies between different cloud services, providers, sub-providers, and customers. These interdependencies can create challenges and risks for the security, availability, performance, and compliance of the cloud services and data. For example, a failure or breach in one cloud service can affect other cloud services that depend on it, or a change in one cloud provider’s policy or contract can impact other cloud providers or customers that rely on it.12 The lack of visibility over the cloud service providers’ supply chain means that the customers do not have enough information or control over how their cloud services and data are delivered, managed, and protected by the providers and their sub-providers. This can expose the customers to various threats and vulnerabilities, such as data breaches, data loss, service outages, compliance violations, legal disputes, or contractual conflicts. The customers may also face difficulties in monitoring, auditing, or verifying the security and compliance status of their cloud services and data across the supply chain. Therefore, it is important for the customers to understand the hidden interdependencies between cloud services and to establish clear and transparent agreements with their cloud providers and sub-providers regarding their roles, responsibilities, expectations, and obligations.3

Reference: How to identify and map service dependencies – Gremlin1; Mitigate Risk for Data Center Network Migration – Cisco2; Practical Guide to Cloud Service Agreements Version 2.03; HIDDEN INTERDEPENDENCIES BETWEEN INFORMATION AND ORGANIZATIONAL …