“Uncertainty is the enemy of efficient supply chain operations,” assert analysts at Source One, “and it’s also everywhere.”[1] That uncertainty often takes the form of supply chain risks. They point to reports by the Chartered Institute of Procurement & Supply showing supply chain risks leveled off in 2017; nevertheless, those risks remained at an elevated level. Those types of findings have Rob Savitsky, Product Marketing Manager at AIR Worldwide, asking, “As we head into 2018, what potential disruptions do supply chains face and how can companies manage these risks over the coming year?”[2] Although Savitsky limits his list to three types of risks, it’s fair to say few if any historical risks have been taken of the table. Savitsky notes, “It’s impossible to know for sure how supply chains will be disrupted in 2018, but we can prepare for the worst by learning from the past. Disruptive events that occurred over the last several years fall into three broad categories of supply chain risk: Natural Catastrophes, Man-Made, and Economic.”

Current Supply Chain Risks

Natural Disasters

Savitsky observes, “Supply chains are vulnerable to natural disasters such as storms, floods, and wildfires. Although catastrophes such as hurricanes and earthquakes are infrequent, they have the potential to cause extensive damage.” No surprises there. We really don’t know the full impact climate change will have on supply chains but most analysts believe we are going to see a lot more weather-related disruptions. The recent cyclone bomb that hit the east coast of the U.S. is just the most recent example of extreme weather events. And just as worrisome, the West seems to be slipping again into drought conditions. Source One analysts explain, “Some of the most threatening and unpredictable factors today may come from Mother Nature. Dealing with severe, extreme and surprising weather patterns spawned by long-term climate change is simply a fact of life for today’s organizations. Especially when companies stretch their supply lines into multiple continents with divergent weather systems.”[3] Although risks posed by severe weather events appear self-evident, Source One analysts reports, “A survey commissioned by risk management firm DNV GL revealed that a surprising number of organizations have not prepared their services to survive in the case of natural disasters caused or exacerbated by climate change around the world. By the study’s telling, 25 percent of businesses have begun adapting their value chains or actively increasing resilience to deal with climate change. The prevailing thought among these organizations’ leaders is that they have a few years to prepare.”

Man-made Risks

“Man-made events such as fire, product defects, cyber-attacks, labor and civil unrest, terrorism, utility failure, and piracy,” writes Savitsky, “are more frequent disruptors of supply chains but typically have a lower severity than natural catastrophes.” There is some good news. For example, piracy has decreased over the past several years. On the other hand, cyber-attacks continue to increase. Such attacks are so prevalent, I will discuss them separately.

Economic Risks

Nick Ismail (@ishers123) writes, “Against a backdrop of economic uncertainty, the only guarantee is that companies will face more risks and challenges than ever before.”[4] Concerning economic risks, Savitsky writes, “Economic forces are not physical disruptions by nature, but cause product or labor shortages. Examples include financial insolvency, trade or tariff disagreements, loss of patent rights, and sub-suppliers that perform poorly.” The current political climate in Washington, DC, is raising concerns in this area as the efficacy of trade agreements are repeatedly called in to question. Savitsky adds, “While this type of risk is unpredictable — the ongoing Brexit saga in Europe and the forthcoming U.S. midterm congressional elections, for instance — large economic crises will certainly provide some drama in 2018.”

Cyber-risks

Savitsky reports, “The past few years have seen an increasing prevalence of cyber-attacks. Most of these incidents, such as the high-profile Equifax data breach that involved the personal information of some 143 million Americans, and the Dyn cyber-attack which took down some of the world’s most popular websites such as Twitter, Airbnb, and Netflix, do not directly affect supply chains. However, they raise major red flags for supply chain practitioners. It seems that cyber criminals have a growing number of avenues of attack at their disposal, especially given the exponential growth in the number of internet-enabled devices and cloud-based communications networks.” David Weldon (@DWeldon646) notes some of the most troubling cyber security concerns are: Destructive attacks and adversary denial and deception tactics; aggressive use of information operations by nation-states; growth in the numbers and diversity of threat actors; and greater availability of exploits, tools, encryption, and anonymous payment systems available to malicious actors.”[5]

Addressing the Risks

Susan Lacefield insists, “The best disaster-response plans don’t end at the company’s own gates.”[6] She explains, “According to Aaron Parrott, a specialist leader in Deloitte Consulting LLP’s Supply Chain and Manufacturing Operations Practice, for many large manufacturers, 70 to 80 percent of the total value of their product comes from their supply base. If that much value is tied up in your supply base, it makes sense to consider your external partners in any disaster-recovery plans.” Technology can help you see the bigger picture. Ismail writes, “There’s no doubt that what you can’t see can hurt you. But in today’s connected, digital economy, visibility and transparency have never been easier to obtain — even across complex, global supply chains. So not knowing that a supplier or customer is on the brink of collapse or that a hurricane may cause power losses and port closures is no longer a valid excuse. When it comes to managing today’s global supply chains, companies must anticipate risks and develop plans to execute on them before they negatively impact business. And technology exists which makes this possible.” One of those technologies is cognitive computing. Deloitte analysts explain, “Applying cognitive computing against massive data sets can help organizations process information more quickly and make smarter business decisions. And cognitive computing is increasingly being used in the domain of risk management, mining often ambiguous and uncertain data to find indicators of known and unknown risks.”[7]

Summary

Kevin O’Marah (@komarah), Chief Content Officer at SCM World, reports risk managers are increasingly concerned about things out of their span of control. Much of what was discussed above falls into that category. O’Marah writes, “As we sift through data from SCM World’s 2017 Future of Supply Chain survey, one of the most striking shifts from last year’s responses is the level of perceived risk in areas outside of our traditional span of control. The biggest jumps from 2016 are in the percentage of respondents who report being “very concerned” about data security, natural disaster and war. The game today has changed, from managing risk with deeper supply chain relationships and analysis, to preparing for outright disaster.”[8] Leveraging a cognitive computer system won’t provide control over areas of concern but it will provide much better corporate situational awareness.

Footnotes
[1] Source One, “Risk In The Supply Chain: Declining Yet Still Elevated,” The Strategic Sourcerer, 29 November 2017.
[2] Rob Savitsky, “3 Types of Risk That Will Impact Supply Chains in 2018,” Supply Chain @ MIT, 4 January 2018.
[3] Source One, “Are Supply Chains Ready For Climate Change?” The Strategic Sourcerer, 3 January 2018.
[4] Nick Ismail, “The risk of ignoring risk in the modern enterprise,” Information Age, 19 December 2017.
[5] David Weldon, “The 5 top cybersecurity threats for 2017,” Information Management, 25 August 2017.
[6] Susan Lacefield, “How to better prepare your supply chain for the next extreme event,” Supply Chain Quarterly, Fourth Quarter 2017.
[7] Staff, “Cognitive computing applications for risk management,” Deloitte, 2017.
[8] Kevin O’Marah, “Supply Chain Risk 2020: New Worries,” Forbes, 6 October 2017.