Supply chain 2013: Stop playing whack-a-mole with security threats
As supply chain threats grow ever more sophisticated, companies tap new technologies to protect their assets and deliver the goods.
Computerworld - IT leaders can be excused for feeling like their supply chains are one link away from disintegration these days. The news over the past few months has been alarming, from outcries over horsemeat in Europe and mislabeled fish in New York to the longer-term impacts on supply chains from environmental events like the tsunami in Japan, monsoons in Thailand and the volcano in Iceland.
And those are just the highly publicized issues. Increasingly, CIOs are challenged to protect their supply chain from physical and cybertheft, counterfeiting, potential scarcity of materials and regulatory mandates such as removing lead from materials. Welcome to Whack-a-Mole, supply chain-style, where you attack one problem, only to have another pop up elsewhere.
Experts say the problem is only going to get worse. "Globalization lengthens supply chains and increases complexity," says Emma Scott, spokesperson for the Chartered Institute of Procurement and Supply (CIPS) in London, the professional organization of procurement professionals. "When supply chains are leaner, any disruption affects you more" -- and, thanks to a decade or more of globalization and cost-cutting, supply chains these days are very lean.
This makes the issue of visibility into the supply chain -- or the lack of same -- that much more critical, says Matt Smith, founder and chief strategy officer of Icix, a cloud-based exchange for supply chain partners based in South San Francisco, Calif. "Companies have visibility into purchasing and logistics, but not into where materials or ingredients or components are actually grown or manufactured. When you lose visibility, you get horsemeat in meatballs, e coli in spinach, lead in toys and worse."
Then there's velocity to consider. "You have to move information faster to enable the supply chain to react to changes. Velocity allows us to plan more aggressively. That's what wakes me up in the morning," says Nathan Johnson, CIO of Ports America, which manages 42 ports around the United States. One of his big concerns: spikes in transport costs because of fuel prices. "The only way to get around that is more productivity and more efficiency."
The good news: Technology can address the issues of productivity, efficiency, visibility and risk. The challenge: When supply chain experts say "technology," they're talking about more than RFID tags, GPS and temperature sensors.
CIOs need to think about supply chain metadata -- the information about the supply chain that's stored, transmitted and updated in such a way that IT can help procurement experts monitor and protect all of the intricate, interconnected pieces of the supply chain.
"The world is changing at such a fast pace," sums up CIPS' Scott. "People have to think on their feet because the risks are unprecedented."
Monitor multiple points of vulnerability
Perhaps the biggest challenge relating to supply chain vulnerability comes from the unforeseen risk that any given link will fail, an increased scenario given today's extended, multi-tier supply chains. "The points of vulnerability are greater than they ever were," says Ben Zelinsky, director in the supply chain technology practice at PricewaterhouseCoopers. "Because supply chains are outsourced and subcontracted, controlling each point becomes more difficult."
Explains his colleague Glen Goldbach, director in the operations and supply chain practice, "You may have protected yourself by having two tier-1 suppliers for the same component, but if the same tier-2 supplier serves both of them, and that company fails, you lose the entire chain."
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts