March 19, 2019

Cyber Threats Loom Large

Jon Bovit

Download the full 2018 annual report here

Cyber attacks continued to grow in intensity in 2018, with alarming new trends evident. First, government agencies are now being attacked more frequently. The March 2018 attack on computers and networks in Atlanta—a major national transportation hub—was the largest successful ransomware cyber attack on a U.S. city. In the private sector, aerospace, hi-tech, life sciences, metals, mining and natural resources companies experienced cyber attacks in 2018. The medical device segment in particular was recognized as an industry in which cyber attacks on manufacturers could pose threats to patients. After cybersecurity vulnerabilities were identified in the Internet connections used by Medtronic to update software in cardiac implantable electrophysiology devices (CIEDs), the company issued a voluntary recall in collaboration with Food and Drug Administration. Following this event the Healthcare Sector Coordinating Council, a joint group on security issues between industry and government, published a joint security plan addressing the challenges faced by medical devices. Similarly, a computer virus attack at Taiwan Semiconductor Manufacturing Company (TSMC) was caused due to a failure in following proper operating procedures for virus scanning.

Read More

March 18, 2019

Top 5 Event Types by Region

Shahzaib Khan

 

Read More

March 18, 2019

EventWatch 2018 Impact Events

Shahzaib Khan

 

Read More

March 14, 2019

Healthcare Transparency Initiative (HTI)

Graeme Dykes

 

Read More

March 11, 2019

Most significant Events

Shahzaib Khan

 

Read More

March 11, 2019

EventWatch 2018 Bulletins

Shahzaib Khan

 

Read More

March 20, 2015

Sharing Business Continuity Plans Benefits Both Suppliers & Customers

Bindiya Vakil

Business continuity management (BCM)'s scope is perceived largely as internal to company's operations. In today's environment, biggest risks are from raw material suppliers or external partners. 

With any supply chain disaster, the rippling effects of factory damage or shut downs can be immediately felt. Take the 2011 Japanese earthquake, as an example. Factories affected by the disaster were shut down, resulting in parts shortages at major suppliers which caused lines down and factory down times at large automotive manufacturers.  The impact rippled through the supply chain layers.  High tech, automotive, aerospace and other sector companies quickly found out that some of their suppliers were located or dependent on Japanese manufacturing facilities days and weeks after the event.  Many supplier dependencies were not identified until much later.  

Read More

January 30, 2015

Supply Chain Mapping Forms the Foundation for a Robust SCRM Program

Bindiya Vakil

Almost every article about supply chain risk management begins with the complexity and global reach of today’s supply chains.  Over the last fifteen years, companies have made some very critical supply chain enhancements – sourcing from low cost countries, outsourcing manufacturing to sub-contractors across the globe, and going lean.  I characterize these enhancements as Supply Chain 2.0.  

Read More

November 14, 2014

Two Keys to Gaining End-to-End Supply Chain Visibility

Charlotte Hicks

Pharmaceutical supply chainRecently, while reviewing Zurich’s Supply Chain Resiliency 2014 report, I came across an interesting statistic: 51% of respondents report having a disruption below a tier 1 supplier, however only 27% of the respondents monitor below tier 1. I began to wonder, if there is a significant probability that a company will have a disruption in the sub-tiers, why aren’t more companies taking proactive steps to monitor the sub-tiers? Then I thought about my own experiences as a risk mitigation manager in the chemical and raw material supply chain and the challenges I had monitoring the sub-tiers. It really came down to two factors: supplier trust and supply chain manager time.

Read More

October 17, 2014

Supply Chain Risk Management Budget: Debunking the Myth

Bindiya Vakil

Many supply chain professionals today believe that companies just don’t have the budget for supply chain risk management.  I want to put this argument to rest.  Almost all companies spend time, money, effort and resources on managing and mitigating supply chain risks. This includes finding alternate sources for their parts.  Companies spend millions on inventory optimization and other software to put in place optimum buffer levels to protect their business.  People focus a portion of their time developing supplier relationships and executing risk mitigation strategies to protect their business.  All of this effort and dollars constitute the supply chain risk management budget.  It is rare to find a company out there which ignores all of these activities completely.

Common Misconceptions

The misconception about the budget for SCRM arises from the fact that the budget for these activities typically sits within the normal operating budget.  It is usually not explicitly segregated.  So the good news is that supply chain risk management is an integral part of every company’s every day operations.  The opportunity (not bad news) is that for the most part, risk management activities are mostly ad hoc and are done without a unifying framework or explicitly stated strategy. 

Supply chain resources are mostly focused on the here and now problems – my shortage today, that excess I need to disposition to meet my inventory turns target, this quality issue, that ECO and so on.  They have very little time to step back and look at risk strategically.  This is why they focus on inventory as the most common strategy for risk management.  They don’t have the information or analytics readily available to pursue other more effective strategies targeted at the specific exposure.

This lack of time and perceived lack of budget is the opportunity.  If resources have very limited time, then supply chain executives need to make sure that their organizations optimize this time to mitigate the right set of risks.  The need is to have information and analytics at their fingertips so they can direct their efforts to the right set of risks.  The limited time and resources should be used towards executing a mitigation strategy that really addresses the right critical part and the right exposure for that part.  Incidentally, critical part/supplier here is not defined in terms of spend but in terms of impact to business of losing its supply!  And inventory and second sourcing are not always the right solutions.  In fact, inventory can create exposures to other risks like obsolescence, and second sourcing can be expensive and time consuming (more on that to come).

AMR’s 2008 Global Enterprise Application Market Sizing Report supports this assertion that the need for better more deliberate SCRM will cause companies to adopt optimization and simulation tools.  Below are additional findings from AMR’s 2007 survey of 89 manufacturing & retail companies on Managing Risk in the Supply Chain (Hillman & Keltz):

“SCRM is an increasingly important initiative for supply chain and operations professionals. 46% of firms plan to implement or evaluate SCRM technology in the next 12 to 24 months.  One-third of firms say they have dedicated budget line items for SCRM activities.  54% of firms plan to increase their budgets for SCRM over the next 12 months. Of those firms, the average spending increase will be 17% year over year.”


Bindiya Vakil is the CEO and founder of Resilinc. She will be part of a panel on "Risk Mitigation: Contingency planning and the art of always being prepared" at the upcoming 8th Annual Hi-Tech & Electronics Supply Chain Summit this October 28th, 2014. To hear Bindiya speak, register here.

Read More