Pages

Showing posts with label risk. Show all posts
Showing posts with label risk. Show all posts

Thursday, August 10, 2017

Cyber Attacks: How We Have Moved From Corporate Espionage to Corporate Warfare

A great posting over at Supply Chain Matters relative to the impact of cyber attacks on Just in Time (JIT) businesses.  A simple cyber attack can now shut down your tier 1 and tier 2 suppliers which will bring a JIT supply chain to a screeching halt.

You should read this article and understand the points of vulnerability in your supply chain for cyber attacks:


  1. Aggregators and Service Providers: You may have a process which you are not even aware of where data goes from you to a third party, it is manipulated, then sent back to you. Simple process.  But if that third party is not certified and is rendered useless by an attack it can shut your processes down.  Think about it this way:

    - You are using a third party company to take demand information and create a production forecast and schedule.
     - That schedule or forecast is then fed back to you and input into your MRP.
     - The third party is attached by cyber criminals
     - Your production shuts down.
  2. Tier II and Tier III Suppliers: There is a reason they are able to cut costs and sell to you cheaper.   There is something they no longer are doing.  Don't let them compromise on cyber security and you need to follow up and check and check.  If their plant goes down, the JIT supply chain goes down with it.
  3. Think Global: Remember, your suppliers have suppliers in countries you may not be able to point out on a map.  Make sure you can map out your supply chain then overlay a heat map of where cyber attacks come from.  This will help you identify your vulnerabilities.  
A very good article, I encourage you to go read it and you, as a supply chain leader, must be at the front of developing a cyber security effort.  

Wednesday, December 19, 2012

Yet, Even More Supply Chain Predictions

It is that time of year again when the supply chain (and other) predictions come out.  The really smart people keep them broad enough so, like a fortune teller, they cannot possibly be wrong which is why I do not necessarily believe in this type of crystal ball.  However, as I said in my previous post on the IDC predictions, it is good to get all this into one area so as you build your 3-5 year strategies, you can incorporate these broad directional ideas.

Today, we get a guest column on Forbes.com from Mark Woodward who is the CEO of E2Open, entitled: 5 Supply Chain Predictions for 2013, The Year of The Network. Given he is a CEO of supply chain technology firm, you can expect his predictions to be both centered around technology and offering up technology as solutions to problems.  Nevertheless, this is a very good list and I reprint it here with some of my thoughts:

  1. Fast Data Will Become The New Big Data -   I know I promised not to use the term "Big Data" anymore as it has become the most overused term in the fastest amount of time of any business buzzword I know.  However this is an interesting twist which is big and fast are critical elements of a successful data management plan.  The speed with which you share and collaborate using accurate data is at least as important (and maybe more) as just the shear volume of data.
  2. The "Social Supply Chain" Will Transform How We Work - Don't confuse your view of "social media" (i.e., your experience with your kids on Facebook) with the social supply chain.  The social supply chain, as written about extensively by Adrian Gonzales (Quickly becoming "the" expert on this topic and wrote this great blog post about why companies were not using social media in their supply chain) is about open collaboration, problem solving and open source dialogue about issues relating to supply chains.  As stated in this article, demand sensing is really part of the idea of the social supply chain.

    The one concern here is if companies really do compete on supply chain efficiency as much as they do on the product then we have to ask ourselves how far collaboration will really go in the open social world.  Some firms, like Apple, which consistently get high remarks for their supply chain efficiency are notorious for being closed up like a vault when it comes to collaboration and sharing outside of their own supply chain ecosystem.  A quick posting on this idea of companies competing on supply chains can be found here at: Businesses Don't Compete: Supply Chains Compete.
  3. Supply Chain Control Towers Will Transition from Concept to Adoption - This I completely agree with and the time is now for this type of operation.  Control towers are a requirement for really dynamic supply chains to adjust to ever changing market and environmental conditions.

    This does not have to be a complicated IT solution either.  A great control tower, using lean methods and the idea of visual management can consist of white boards, manual tracking and the use of forward indicators of data.
  4. Dynamic Cost Will Transform Decision Making - The idea of a static standard cost which gets adjusted once per year is dead.  It is a relic of times gone past when that was all our systems could handle.  Costs and the macro economic environment change far to frequently and quickly to allow you to not have accurate, fast and transparent costs into your supply chain. Transparency of costs is critical to accurate decision making.  The next time a supply chain partner tells you that you do not have to worry about this I suggest you hold on to your wallet.  A true partner would want accurate and transparent cost data so you can make the right decisions quickly and accurately (notice the them on costing:  Fast, Transparent and Accurate).
  5. Risk Management Will Move From Static to Dynamic - I have written about risk and resiliency a lot recently so I will not rehash it here however suffice it to say the same theme applies in terms of dynamic, fast and transparent.  
As with other predictions, I am not sure if "this is the year for... " or not, however the ideas set forth by Mr. Woodward are fantastic and clearly the ideas all supply chain executives should be thinking about and balancing as they work towards transforming their supply chains to meet 21st century challenges. 

Sunday, December 16, 2012

Do You Have a Supply Chain or a Spiderweb?

This question was recently asked by Zurich's "Risk Engineers" and I think it is a fascinating question.  The metaphor we are all familiar with, the "supply chain" connotes a nice set of interlocking rings, probably made of steel, and that are perfectly aligned.  It brings to mind a very planned and organized way to get from point "a" (raw materials) to point "b" (finished goods) to point "z" (The consumer).  We all know the problems recently experienced from hurricane Sandy however this study clearly indicates the issue is deeper and more broader than just a freak storm.

Reality is, unfortunately, many are spiderwebs.  Not made in any particular order, overlapping and easily disrupted with the swat of a hand.  Zurich believes 2013 is the year companies better take managing, or at least mapping, this web a bit more seriously.  A few key statistics:

  • 73% of respondents to a survey in 2011 reported at least one supply disruption; 50% reported two. 
  • 40% of those who experience extended disruptions eventually go out of business.
  • The leading cause of disruptions is IT or telecommunications. 52% saw some or a high level of disruption from these issues. 
  • One in five companies said they had one instance where they incurred at least $161M in damages
I had an opportunity many years ago to meet with the people of Zurich about this topic in New York City.  At that time it was an "interesting"topic but not much more.  Today, it is critical.  Terrorism, global warming, reliance on sophisticated telecommunications networks, "just in time" (i.e., lack of buffer stocks) and the web of globalization has not only made the likelihood of a disruption more probable but the consequences of it far more severe. 

Their solution is at least to start mapping out your supply chain through tier 2 and rate it based on likelihood of disruption, financial stability and physical stability.  From there I imagine you can create significant contingency plans to at least have a fighting chance at keeping your business running.