Let’s start with a story illustrating how supply chain security irrevocably altered the fortunes of a company that was
This story is in
Think of the time before Iphone and Samsung phones came along and conquered the supply chains of the industry, and the minds of the users. I tell that story elsewhere.
Here we focus on the simpler times.
A seemingly trivial random event, on a fateful day in March 2000, changed the destiny of the industry.
Both Nokia, and Ericcson, the stalwarts in the mobile phone industry at that time, were equally impacted by the same event – a
Both Nokia and Ericsson experienced business disruption to an equal extent as a result.
More importantly, the manufacturing capacity of the plant was damaged and it was difficult to estimate the time for repairs.
This is where the events take an interesting turn. Not everyone thinks of supply chain security beyond the physical security of goods in transit. For
In fact, all the security experts who have no background in supply chain security fail on this count – they never think deep enough in terms of the layers of
Nokia had invested months, if not years, in creating and perfecting a robust and responsive supply chain security, while Ericsson’s business network was relatively a middle-of-the-line affair that worked well when things were good.
Ericcson staff were content to go with the flow, without too much care and worry about this part of supply chain security.
After the fire, Nokia was able to see the full impact of the chip shortage on its own business, as well as the entire industry with a lot more clarity than Ericsson, and even Philips.
Moving quickly, it activated other parts of its business network to shore up supplies, to redesign some of the chips to manufacture them in other plants, and to take pre-emptive steps in the network.
Ericsson let the situation evolve at its own pace and made decisions more reactively.
The resulting gain in profitability and market share for Nokia and the loss of these for Ericsson tipped the balance of the industry to an extent where within a few years Nokia pulled far ahead of the Ericsson which never caught up with its erstwhile equal rival.
It does have some anecdotal entertainment value.
But the moral value is even higher. Here are some things to ponder:
I could easily turn this above 7 point list into a large magazine article (listicle), but my readership is wise enough to connect the dots themselves, and do not need
Given the quality of my readership – I have created a
If you really want to pay
People often wonder where the best opportunities for start-ups are. Supply Chain Security space is getting a lot of attention in this regard.
In fact, just today someone asked me on a popular platform about opportunities for start-ups in Supply Chain Security space . They wonder whether these were more in software, or consulting arena.
Here is my view:
It would be neither of those two. Rather it will be a combination of hardware and software – initial application know-how will have to come from the user side.
Let me explain.
Post-2001 (911) the world of supply chain security has changed dramatically. The regulatory environment has evolved dramatically (as we explain in my report Global Supply Chain Group’s SUPPLY CHAIN SECURITY REPORT). But that is not the only change. Almost everything – customer innocence, political and cultural norms, technology and particularly technology – has evolved dramatically as is explained in this report.
Most importantly – the threat perception has evolved considerably. Look at the diagram below which summarises the supply chain threats over the decades:
So far, this is common sense representation of common knowledge. What is not common knowledge is how technology has evolved in response to these trends.
There are at least 6 technological streams which find applications in supply chain security. You will find them in the report, or in this survey on supply chain security – Supply Chain Security Survey
But the most interesting insight in the report is that almost all the opportunities offered are in combinations of hardware, software and some know-how in the application.
That is not to say that pure-play companies do not exist. In fact, many companies have evolved to products with a considerable component of application know-how. In mature products that is always going to be the case.
But, for a start-up, a combination of hardware, software and some application know-how is the best bet
I know that Supply Chain Security is not the top of mind of anyone. Least of all for people who are so busy all day, every day that they barely have time to take a meal break.
I am, of course, talking about the supply chain managers. The mobile does not stop ringing from the time they take it off silent in the morning, to the time they are ready to crash. If it is not a customer calling about “another botched-up delivery”, it is one of the service providers calling about ‘another unpaid invoice”.
Literally, hundreds of things can go wrong as millions of things are moving around 24X7. And, sometimes they wrong, all at once. Like when a customer threatens to walk away, AND, a supplier takes you to court.
Who has time to think of Supply Chain Security in the midst of all this? Only those who are most serious about their careers in the supply chain.
“Why is that the case” you ask? I think, by the end of this article the answer will be crystal clear to you.
Listen, I have written in many places earlier that the traditional supply chain model is gradually failing and will be
It is true! Think about
Anyway, you would have to be living under a rock not to know the names I am talking about. And, by the end of 2019, there will be many more names to add to that list.
But, this article is not meant to compare and contrast the supply chain models of yesterday, today and tomorrow. I will write a different article soon to cover that important point.
The point to pay attention is that 2019 is edgy. Things move slowly, but in a ‘definitive direction’. And this is the main point – careers are more important today, than in the past 20 years.
Take a look at the 1 minute video below to get a sense of the issue:
But, sabotage is not the only type of potential incident that can hit your supply chain. There are many other types of potential incidents.
In fact, in a project last year we identified at least seven types of potential supply chain risks – each with very complex supply chain implications.
Even making a list of all the different types of potential supply chain security breaches and related incidents is difficult. One you go past the most obvious ones – where do you stop? And, how do you neatly group them?
Take a look at the figure below:
the risk assessment and mitigation work in
Why do I say that?
Because no matter how much you know – you cannot make a list of everything you don’t know that can happen. And that is just the trouble with the qualitative part of supply chain security and risk management.
On the quantitative side, it is even worse.
Try multiplying infinity by infinity. How do you assess the probabilities of something that has never happened before, but is likely to happen at some point in future? And, then how do you assess the full repercussions of that event, up and down the supply chain?
Did you know that in 2000 Ericsson permanently lost its pre-eminence in mobile phones market to Nokia mainly due to a fire in a chip factory owned by
How did Nokia lose its crown to Apple due to its supply chain missteps is another story worth talking about. As is the story currently underway, how Apple is losing its crown due to its supply chain missteps.
But I digress. Let’s get back to the talk of supply chain security. People ask me why is supply chain security is such a dismal state that only by sheer providence (and goodness of population in general) we do not more incidents.
The main reason is this – most security professionals do not even know ABC of supply chains, and most supply chain professionals bother about only ABC of security.
A secondary reason is that it is just too difficult to secure supply chains with the current level of
Think about this:
The truth is that there are so many moving parts in today’s supply chain that it is impossible to keep track of them all with the current level of supply chain resourcing.
And, companies are always reluctant to give more resources for anything, especially something as ‘unproductive’ as security, unless justified by a bulletproof spreadsheet vetted three times over by the most painstaking auditors.
All this would not matter in the past when everyone could pretend that every security breach incident was a one-off, “could not be foreseen or prevented” kind.
Today, irrespective of whether it could be prevented or not, everyone – regulators, governments and public – are hyper-vigilant, and clamour for someone to blame. And guess who is going to cop most of the blame? The person who cops most of the blame when anything goes wrong in the entire supply chain – The Supply Chain Manager.
That trend is only going to escalate. And, that is the “Trouble With Supply Chain Security”.
If you are in Australia, it is more than likely that you already know this saga. If you are not in Australia, or do not follow the news cycle, take a look at the video below:
Several years ago it was this:
Some band-aid solutions are rolled out – mostly to restore public confidence and get the demand up again. However, a comprehensive supply chain security regime is never put in place.
Having done large scale supply chain transformation projects for companies as sensitive as explosives, chemicals, fertilizers, food stuff, soft commodities, bakeries, meat, dairy, livestocks, and many others, we have seen both – the vulnerabilities and some really cutting edge supply chain security in practice.
Unfortunately, supply chain security, in conceptualisation and training, has not kept paced. There is no university course that covers this topic sufficiently. Conferences skirt this topic. Books cover it sketchily. Regulatory framework is patchy and officious.
And after complying with the regulatory burden most people relax in the belief that they have done enough.
Yet, dozens of incidents have demonstrated that regulatory framework is never enough. Each company has to develop its own supply chain security framework, based on its own particular circumstances. Even compliance with insurance requirements is not enough. Reputation damage to your business is a non-insurable loss in most cases.
Complying with regulatory and insurance requirements is a good start. You also need a more robust, holistic and comprehensive supply chain security framework that provides the guidelines for your own company’s supply chain security model.
Our report titled SUPPLY CHAIN SECURITY – A COMPREHENSIVE, HOLISTIC FRAMEWORK provides the information to get you started.
Better still – run a one day workshop based on the content of the report. It will be the best 20K your company ever spent.
There are already plenty of nude photos in the cyberspace. No matter how attractive these celebrities are, their photos are not worth what is at stake. News Reports have been taken over by the celebrity nude photo celebration. Here is a good summary, in case you missed out:
” MICHAEL BRISSENDEN: Explicit photos of dozens of female celebrities have been dumped on the internet in what’s believed to be one of the biggest celebrity hacking scandals to date. Jennifer Lawrence, the Oscar winning star of the cult movie the Hunger Games, is among dozens of high profile Hollywood actresses to have naked images posted on the internet by hackers. The incident has raised serious questions about the security of internet storage systems.
So far I have not made an attempt to see the leaked photos. Come to think of it, I have seen enough of them (when I was working in merchant navy) to last me a lifetime – so I will do this either. Is it really that big a deal? These people had posed for the photos, so assumedly they did not mind some people seeing them in those poses.
It is really of question of which people, and in what circumstances. When I posed for this photo, I did so with full knowledge that some people will look at it, and it might perhaps even leak from my cloud account. I do not mind if it happens; though now that I have put it here in this blog, hacking them will be purposeless. If you have photos of yourself in the cloud that you would not like people to see, delete them or make them public. Privacy is a luxury that does not exist in the global village.
We are all Kardashians now. But, the purpose of this blog is not to decry the loss of privacy – in my view it is overrated anyway. Plus, that bus has departed long ago. Purpose, of this blog is to make a direct appeal to the hackers to not kill the cloud. Too much is at stake. Global economic integration, supply chain 3.0 planning, collaboration, concurrent engineering, even cool products such as the next generation of phones, watches and tablets – none of this will be possible anymore with data residing in cloud and enabling So dear hackers – you will lose your cool products.
You will lose the low prices for great things – cost of everything will go up massively, if supply chain 3.0 planning and collaboration cannot be accomplished. And, you will lose your own ability to send huge files across the internet to your friends. Would you like to see that happen? A few photos of scantily clad (or unclad) bodies are not really worth that much.