- Risk Management
Substantial investments in supply chain resilience have enabled companies to vastly improve their capacity for bouncing back after a disruption. But the digitization of supply chains is introducing new demands on company operations that require a different approach to building supply chain resilience.
With the benefit of digital technologies, companies are using Big Data to identify supply chain risks and create early warning systems with much greater speed and precision. However, the ability to respond to these signals has not advanced at the same pace.
More so, the gap between risk identification and risk response promises to become more severe as the rate of digitization accelerates. A survey of 30 global companies in various sectors released in October 2016 by the Center for Global Enterprise (CGE) found that 88% have incorporated elements of the digital supply chain into their business model. All the companies surveyed were working to adopt game-changing technologies such as the Internet of Things and robotics.
To keep pace with changes like these, companies need to develop ways to automate resiliency.
Enterprises use various strategies to make their supply chains more resilient. These include diversification of the supplier base, establishing safety stocks, and planning for spare transportation capacity. These strategies will continue to be important, but building resilient digital supply chains, or cyber-resiliency, requires a speed of response that can only be achieved through automation and smart software.
CGE characterizes a digital supply chain as “a customer-centric platform model that captures and maximizes utilization of real-time data coming from a variety of sources.” If a potential disruption is detected, the system decides on the best mitigation strategy and executes that strategy.
A relatively simple example is a loaded freight container equipped with sensors that track the temperature and humidity of the goods in real time. The data are analyzed using advanced business intelligence rules and shared with authorized entities in the extended supply chain. These parties can take remedial action should a problem be detected. For example, if the container readings indicate that perishable cargo has been damaged due to an equipment malfunction, an order is automatically placed for replacement supplies while the damaged shipment is still in transit. Such remedial actions are not confined to logistics; financial and contractual terms are also adjusted when an unexpected disruption occurs.
The system can also exchange selected information with relevant government agencies such as customs administrations that oversee compliance with food and health regulations. This is an important feature of cyber-resiliency. Risk-prone supply chains are generally perceived as less secure by government authorities, and for that reason are more frequently selected for auditing, control and inspection. These activities create unnecessary delays in supply chains.
Digital tools are being developed to keep governments in the loop. For example, the Zaragoza Logistics Center (ZLC) is developing an ETA predictor tool for shipments exported from China to Spain. Unexpected delays and lack of information about the movement of shipments between origins and destinations often raise suspicions that there is something amiss about a shipment. Perhaps there was a stop in an unauthorized destination to load illegal cargo. Customs authorities often react by inspecting the shipment thus exacerbating the situation – even when there are legitimate reasons for delays such as labor disputes or extreme weather conditions. The ETA tool is designed to avoid such problems by automatically relaying a clear, real-time picture of shipment ETA issues to relevant government agencies.
The same tool can be used to create alerts, and determine in real time whether there will be delays and if there is a need to update ATP (Available To Promise) clauses in contracts. Such actions can avoid penalties owing to breaches of contract, and enable companies to pre-emptively evaluate alternative ways to recover shipments and minimize the impacts of disruptions on business operations.
Although these benefits will improve the resilience of digital supply chains, more work is needed to achieve true cyber-resiliency.
There is a lack of well-developed rules to help organizations decide when alerts should be issued, and how enterprises should react to such messages. Companies routinely create contingency plans to deal with specific disruptions, but need to put more effort into digitizing and automating these plans. Risk managers can decide which elements of their contingency plans can be fully automated and which ones continue to require human supervision. There also is a need for software that continuously improves responses to disruptions by learning from experience.
One critical issue is how to integrate new tools and systems into digital supply chains. Here are the main integration challenges in order of importance.
Creation of robust information collection and sharing. Many enterprises, especially small companies, lack the technical skills and financial resources needed to build the required infrastructure. Also, a lack of standardization makes it difficult for companies to communicate across IT systems.
Exploit business intelligence rules. More work is needed to assess the risks associated with digital supply chains, develop business intelligence rules to manage these risks, and automate the underlying management processes.
Establish public/private sector partnerships. In the increasingly complex and demanding digital environment, governments rely more and more on private sector resources to secure supply chains.
Data confidentiality. Companies are uncertain about sharing sensitive information via a digital platform. One solution is to develop Dropbox-like technology that gives access to selected parties without the need to download data. Data resides on the owner’s site and only shown to authorized parties as needed.
Cybersecurity. Hacking is an ever-present and increasing risk. Digital supply chains are vulnerable to security breaches by criminals such as cargo thieves. New technologies are needed to scan for cyberattacks and protect systems against infiltration. Emerging blockchain technology – which makes it easier to authenticate digital documents and to verify the identity of trading partners – is one promising development.
Fully automated cyber-resilience is far from a reality, but real progress is being made. For example, the European CORE (Consistently Optimised REsilient supply chain ecosystems) project, in which ZLC is coordinating three Living Labs, plans to test and demonstrate systems that automate supply chain risk mitigation plans within the next two years.
The CORE project aims at developing and testing in Living Labs hardware and software technologies to collect data, identify and monitor relevant supply chain risks and thereby use this information in two ways: first, to optimize the performance of supply chains and, next, to simplify data exchange with cross-border agencies. The hoped outcome is to show with real data from the Living Labs, that the implemented solutions can bring tangible benefits to stakeholders.
Work like this is essential if digital supply chains are to deliver dramatic cost savings and service improvements. In the not-too-distant future, software that cuts supply chain delays from days to hours or even seconds could become a reality. But to realize the full potential this technology, and to achieve the dramatic cost savings and service improvements that digital supply chains can deliver, companies need to develop cyber-resiliency.
This article was written by Dr. Luca Urciuoli, Associate Professor at the Zaragoza Logistics Center, Zaragoza, Spain. The article was published first by MIT Sloan Management Review and also appeared in ZLC News. For more information contact the author at: firstname.lastname@example.org.