Crossing the Chasm in Supply Chain Security

What we can and should learn from other industries

April 29, 2014
A recent trend across large product-driven organizations is the formation of Supply Chain Risk Management Centers of Excellence. They are the manifestation of the cross-organizational silo nature of supply chain and the realization that supply chain risk requires a different way of managing your business.
A recent trend across large product-driven organizations is the formation of Supply Chain Risk Management Centers of Excellence. They are the manifestation of the cross-organizational silo nature of supply chain and the realization that supply chain risk requires a different way of managing your business.

Over the past five years or so, the supply chain industry has become painfully aware of how vulnerable product organizations are to supply disruptions. Not only have the majority of these companies experienced a disruption, several public failures have demonstrated the economic damage that can result (e.g. the great Seagate v. WD shift from the Thailand floods). Yet despite the amazing amount of intellectual power and integrated systems in the modern supply chain, there’s a distinct lack of coherence or effective reduction in risk across the industry. Why? Because a true risk-intelligent organization requires a different way of thinking—and an actionable application of technologies.

In short, the biggest risk to the supply chain is not a major event—it’s the lack of clear strategy and process to effectively manage and mitigate disruptions. And we have a perfect opportunity to learn from: a sister industry that went through this process, IT security, to spare ourselves the growing pains.

Supply Chain and IT Security Parallels

Supply chain security looks just like IT did 10 years ago. By 2003, the industry had become an incredibly complex and highly mutable set of nodes, connections, and interdependencies. And like product companies today, organizations were able to tie revenue and economic exposure to this infrastructure. More importantly, it proved just how vulnerable IT was.

 

2003 was a watershed year for those of us who worked in IT security. While the U.S. government had spent years trying to influence the industry in the commercial market, their language and models were too esoteric to be actionably applied to the commercial sector. But a series of new, highly effective, and highly public worms spread across the Internet in minutes, bringing many companies to their knees. It was the first time the C-suite and boardroom turned to IT with a demand to fix the problem.

 

Similarly, the U.S. Departments of Commerce and Defense have tried since 2007 to influence supply chain security with debatable results. It took the Japanese tsunami and Thailand floods to very publically demonstrate the vulnerability and lack of effective supply chain risk management strategies across the world. Now we have to ask the question: how do we really make ourselves less vulnerable?

 

IT Security Missteps

Following 2003, organizations thrashed around, experimenting with structure and product purchases. Vendors were selling self-defending networks and integrated security suites, while IT was carving off mid-tier managers as security specialists. For the most part, it didn’t work. Many organizations flushed overwhelming amounts of capital in product purchases with dubious returns, pouring op-ex dollars around marginal security changes.

The IT Security Lessons

After about five years, most organizations learned and implemented several changes based on their own pain:

  1. Security (and risk management) is a shared, yet separated function: There’s a separate organization responsible for monitoring security, but it works with other teams to resolve within the context of the security target (database group, platform group, etc.). There must be a clear delineation between who assesses security and the groups responsible for production.
  2. Risk management must be part of security: The only way to manage security spending is to integrate business risk and financial context. It’s the lynch pin to triaging decision making, resource allocation, and spending.
  3. IT risk management & security must be a senior function: Organizations that kept risk and security as mid-tier functions within IT found that security would always take a back seat to production. Humans are naturally bad at making long-term risk decisions vs. near-term monetary decisions. Chief security officers cut through the internal politics and ensured the organization was making reasoned decisions that managed risk and met business ROI requirements.
  4. Separate but integrated IT security and enterprise risk management: Finance/accounting has long handled enterprise risk management, so it made sense that organizations experimented with integrating the two. Well…it doesn’t work. For the foreseeable future, managing risk, security, and IT requires domain expertise to drive action. Organizations that tried to manage IT risk under finance/accounting discovered an endless theoretical exercise of risk cataloging and frameworks that rarely led to practical implementation. Finance/accounting can help align insurance with risks, but IT security makes the decisions on what to invest in and what not to.

The Center of Excellence Opportunity

A recent trend across large product-driven organizations is the formation of Supply Chain Risk Management Centers of Excellence (SCRM COE). They are the manifestation of the cross-organizational silo nature of supply chain and the realization that supply chain risk requires a different way of managing your business. Much like IT security 10 years ago, more mature organizations are rethinking and realigning supply chain risk management. These are the best practices of organizations managing billions of dollars in their supply chain:

  1. Outcome-based risk management: There are an infinite number of risks that create vulnerabilities in the supply chain—it’s the infinite variability that has frozen many organizations into inaction. The new SCRM COEs are concentrating on addressing the finite number of outcomes from those risks. By focusing on a finite problem, executives can make measured, prioritized actions to prevent the highest impact outcomes.
  2. Executive control: Executive management sets risk thresholds and empowers risk-influenced decisions in sourcing and new product introduction. Their seniority ensures broad adoption and continued focus as the capabilities and processes are developed.
  3. Integrated risk scope: Organizations measure and manage risk across domains, rather than as independent projects—supplier, production, order, financial, transportation, and operational risks. This taps into employee institutional knowledge to ensure the most well-informed employees are solving the right problem.
  4. Prediction over resilience: Organizations get past the old way of thinking about how quickly they can respond to an event. They think about risk mitigation in terms of daily supply chain value at risk from a disruption. Organizations then focus on how to proactively identify risk hotspots and reduce the maximum downside exposure.
  5. Distributed team, dynamic command and control (C&C): Organizations that stood up central SC war rooms quickly learned that they were not only expensive, they spent an inordinate amount of time trying to pull data from the far-flung experts. SCRM COEs are moving to a decentralized, dynamic model—where teams are activated dynamically, based on the type of event—and involves both central business leaders and local subject matter experts. Management can set pre-defined thresholds and allow events to be resolved locally, while corporate resources martial when there is material risk to the business.
  6. Community view: Organizations stop thinking about supply chains as linear links of suppliers, moving to viewing them as a fully integrated community of intelligence and vital ingredient in the organizations’ success (both current and future). They demand better upstream visibility from their suppliers in exchange for better terms and forecasting.
  7. Real-time data visibility: Organizations cut out the “data expeditors” and move to automated, real-time, cross-organizational visibility. More importantly, they align these solutions to increase the return of “supply chain signals” and create a truly interactive communication partnership.

The Secure Future of Supply Chain

We are at an exciting precipice in the supply chain industry. If we take the lessons learned from IT security and think about supply chain in the right way, we will end up with a more robust and predictive industry. Executives will make proactive risk decisions in the normal operation of the business, subject matter experts will drive risk mitigation actions with corporate air cover and resources, and supply chains will be built fully cognizant of their own company’s intricacies and worldwide meta trends. It just takes a creative way of thinking.

Dean Ocampo leads the go-to-market strategy for the Exposure risk management solutions as Senior Product Marketing Manager at Elementum. He has helped companies build their security, compliance, and risk programs while serving in product marketing, product management, and consulting roles at several high tech and Internet security companies. He is a Certified Information Systems Security Professional (CISSP).

Dana Martin is an expert in supply chain risk management, serving as Product Manager for risk management solutions at Elementum. In recent years, he's held various consulting roles with government and leading Fortune 500 companies, helping clients develop best practices in supply chain security, anti-counterfeiting strategies, and operational risk management.

Recommended
Women In Supply Chain Vertical Color
Nominations Close June 7 for 2024 Women in Supply Chain Award
This award recognizes female supply chain leaders and executives whose accomplishments set a foundation for women in all levels of a company’s supply chain network. Submissions close June 7!
April 1, 2024
Adobe Stock 323829328
Alexis Asks: The Surge of E-Commerce Shipping
Managing editor Alexis Mizell-Pleasant asks industry experts about various topics developing in the supply chain field. Strategies that implement efficiency enhancing tools will be the ones to keep up in the coming years.
April 12, 2024
Adobe Stock 207220202
SCN Summit: State of the Supply Chain
June 4, 2024
Register
Register now to hear from experts about the State of Today’s Supply Chains through topics revolve around Warehouse Automation, Generative AI, Automation, Electrification, Company Culture and more.
Latest
Vee S
Pros to Know: Tecsys' Vee Srithayakumar Talks Evolution of Warehouse Automation
Vee Srithayakumar, product manager at Tecsys, was named one of our Rising Stars award winners from this year’s Pros to Know award.
April 16, 2024
Magele Picture Adobe Stock 389905434
54% of Supply Chain and Logistics Operations Prioritize Automation to Mitigate Workforce Shortages
The top technology choices in the study were delivery route optimization (54%) and driver mobile productivity (45%) solutions. For knowledge workers, the top technology choice in the study was real-time shipment tracking (53%).
April 15, 2024
Adobe Stock 342264396 (3)
Shining a Light on the ‘Visibility Gap’
To overcome the challenges of data collection, addressing warehouse complexities businesses need to consider deploying advanced technologies that allow them to enhance operational efficiency.
April 14, 2024
Adobe Stock 278581155
The Smart Warehouse: AI-driven Innovation in Warehouse Management
AI warehouse solutions offer the ability to perform tasks faster with more precision and to automate a broad range of warehouse processes.
April 13, 2024
Adobe Stock 216537638
Streamlining Efficiency with Artificial Intelligence at Warehouses and Beyond
Continued advancements in AI technology promise even greater innovations to drive further efficiencies and reshape the future of transportation.
April 10, 2024
Discover how to not only survive but thrive amid uncertainty
Sponsored
Discover how to not only survive but thrive amid uncertainty
Watch Nulogy’s on-demand webinar to learn how automation can be transformative for your co-pack business, particularly in times of economic challenge.
April 1, 2024
Adobe Stock 479718287
Acquisition Broadens Stord's DTC and B2B Fulfillment Capabilities
By integrating ProPack's extensive network and expertise, Stord expands its reach and capabilities, further enhancing its logistics infrastructure and services to its customers.
April 5, 2024
Adobe Stock 716542218 (1)
The Next AI Revolution: Helping Businesses Manage Excess Stock
AI-powered functionalities can operate both proactively—ensuring excess stock doesn’t recur—and reactively—helping teams redistribute excess stock moving forward.
April 5, 2024
Hw Arobotics Modex 2024
Customizable Shuttle Systems
HWArobotics debuted its high-quality and efficient shuttle automated storage and retrieval systems (ASRS) technology to the U.S. market.
April 4, 2024
Doubletree Studio Adobe Stock 225586230
Logistics Managers' Index Shows Optimism Toward Future of Logistics, Despite Transportation Prices on the Rise
This is the seventh time in the last eight months that the LMI has shown expansion. This growth is driven by the buildup of inventories, the subsequent tightening of warehousing, and the ongoing slow yet steady recovery in transportation.
April 3, 2024
Adobe Stock 260955661
Netstock Launches Excess Redistribution to Help Optimize Inventory
Excess Redistribution analyzes an organization’s existing and forecasted stock, enabling planners to intelligently relocate and rebalance supply to best meet demand and free up working capital.
April 2, 2024
Structural vs. Roll Form Steel: Labeling Insights for Both Racking Types
Sponsored
Structural vs. Roll Form Steel: Labeling Insights for Both Racking Types
Both structural steel and roll form steel warehouse racking offer distinct advantages depending on your operation’s needs.
April 1, 2024
360mod
380 Modular Vision Tunnel Expands the Capabilities of Logistics Operations
Cognex Corporation introduces the 380 Modular Vision Tunnel, a new addition to the Modular Vision Tunnel portfolio.
March 27, 2024
Adobe Stock 751070517
77% of Consumers Will Abandon Retailers After a Failed Big and Bulky Delivery
This report discusses how the 'big and bulky' retail landscape has undergone unparalleled transformations in recent years due to shifts in consumer behavior.
March 27, 2024
Adobe Stock 527756780
Why Manufacturers’ Warehouses Must Prioritize Visibility
Adopting and leveraging technology solutions that drive supply chain visibility offers manufacturers a way to steer through turbulent times and succeed in the months and years ahead.
March 27, 2024
Adobe Stock 560466427
RELEX Advances Gen AI Capabilities to Unlock Faster Data-driven Decision Making
This evolution from RELEX-GPT to Rebot marks a significant advancement, offering users even more powerful and intuitive tools for optimizing their supply chain and retail operations.
March 25, 2024
Adobe Stock 321999244 (1)
LocusHub Engine Offers Insightful, AI-Powered Warehouse Intelligence
LocusHub, an integral component of the LocusOne platform, harnesses advanced analytics, artificial intelligence (AI) and machine learning.
March 25, 2024
Knapp Bnl9347
Zero Touch Technologies for Cold Chain, Omnichannel
KNAPP released Mission: Zero Touch to the North American market, which utilizes a variety of technologies, including KNAPP OSR Shuttles, PiE Robots, OSR Shuttle Evo Frozen and the latest product development, intelligent pocket sortation.
March 25, 2024
Synkrato Trinity Interface 2
Conversational AI Model to Amplify Warehouse Productivity
Synkrato launched Trinity, a conversational artificial intelligence model to amplify warehouse productivity and decision-making.
March 25, 2024
Adobe Stock 452255047 (1)
Waveguides Hold the Key to Mass Production of AR Glasses
The supply chains needed to enable mass adoption of AR glasses are already in place, though differences in manufacturing have an important impact on the quality of the AR experience.
March 25, 2024
1710187195671
MODEX 2024: Extending the Spectrum of Supply Chain
From warehouse racking and electric material handling vehicles to robot dogs and software solutions, the name of this year's theme seemed truly fitting— MODEX 2024 was full spectrum.
March 22, 2024
Adobe Stock 238868017
4 Major Shifts in Warehouse Robotics
Here are four key developments that have shifted warehouse robotics from expensive, bleeding-edge endeavors to more accessible, proven options that can serve the needs of both small-to-medium size projects.
March 21, 2024
Kras99 Stock adobe com
Enhanced WMS Capabilities and Elevated Warehouse Operations
With a focus on innovation beyond warehouse management systems, these products address common productivity and workflow pain points across the supply chain.
March 19, 2024
Structural vs. Roll Form Steel: Labeling Insights for Both Racking Types
Sponsored
Structural vs. Roll Form Steel: Labeling Insights for Both Racking Types
Both structural steel and roll form steel warehouse racking offer distinct advantages depending on your operation’s needs.
April 1, 2024