Companies are facing a variety of supply chain risks that can carry significant ramifications from lost revenue to damaged brand reputation.
The recently released "Supply Chain Risk Insights 2021," a report from the British Standards Institution (BSI), detailed some of the greatest threats to supply chains today, including COVID-19, cargo theft, counterfeiting of goods, global climate disasters, political instability, labor exploitation and human rights violations.
Based in London, the 110-year-old BSI produces technical standards for products and services, as well as provides research, software and services focused on supply chain management, standards adherence and cybersecurity.
The BSI global intelligence group, which conducted the research featured in the report, provides analysis and information around specific issues like supply chain risks such as criminal activity or sustainability, and helps organizations mitigate those risks, according to Jim Yarbrough, BSI's global intelligence program manager.
In this Q&A, Yarbrough discusses supply chain risks, what the insights report uncovered and what companies need to think about as they prepare to address them.
What are some of the most important supply chain risks organizations need to pay attention to today?
Jim Yarbrough: It's not all that surprising, but the pandemic was a big disruptor. One thing that we look a lot at is cargo theft, and the pandemic and lockdown really shook things up with that. For example, there were big changes in the commodities that are usually targeted for theft. There are always changes, but the pandemic [spurred] on a lot of areas around the world the theft of pandemic-related things like hand sanitizer and [personal protective equipment]. Now, we see theft of vaccines -- not just COVID vaccines specifically, but, in general, pharmaceutical products and vaccines are increasingly being targeted by criminals.
What steps are being taken to address these supply chain risks?
Yarbrough: For things not related to the pandemic, there's a lot more focus on regulatory regimes with new laws and regulations being passed and implemented around the world. We're seeing a much higher degree of focus on the environmental issues and human rights issues in the supply chain. Governments are dedicating more time and resources to addressing issues like human rights issues in supply chains, and putting responsibility onto companies to ensure that they're doing everything they can to make sure that their products are not being made with forced labor or through poor working conditions.
Other issues like deforestation have become important for a lot of organizations around the world, and it's becoming more common to see regulation that tells companies that they need to prove that their products are not contributing to deforestation.
Has the recent Biden Administration Executive Order on supply chain resiliency helped draw attention to the issues?
Yarbrough: Yes, it's good to see that they are making it a priority, because it's the responsible thing to do from a government standpoint. There have been supply chain regulations and programs for years in the U.S., but we're now seeing that these formerly supply chain security-focused regimes are now expanding to include things like cybersecurity and human rights within the supply chain, and to continue to drive that conversation to focus on these big issues and hold people accountable.
Jim YarbroughGlobal intelligence program manager, British Standards Institution
Where are the weakest links in supply chains that increase vulnerability to cargo theft?
Yarbrough: Cargo definitely becomes the most vulnerable in transit. You have a lot of control when you're in your own facility, but once the commodities leave the facility things, become very vulnerable. Usually, ground transportation is where it's most vulnerable, but air cargo is really complex. There are many more touchpoints to get shipments onto an aircraft for shipping, so each one of those touchpoints adds vulnerability to the product's security. You're also typically going to be moving more high-value goods via air cargo, so there's a lot of interest in air cargo, even if the volume is much lower than with road transport.
Are there systemic ways to lessen the vulnerability, such as supply chain visibility technologies?
Yarbrough: There's an arms race between companies being able to successfully track your shipments around the world, and the criminals advancing their technology to be able to hack into those systems. Hacking is becoming a much bigger problem, and criminals can understand when high-value goods are leaving facilities and target them in a much smarter way than they used to and find the really high-value goods. So, it's a constant push and pull in terms of who has the upper hand with the technology right now.
What about ransomware attacks, like what happened with Colonial Pipeline, which disrupted gas delivery in the U.S.?
Yarbrough: What's most concerning is that the more of these attacks that are successful and the ransom is paid out, the more it's just going to proliferate. I try to steer away from hyperbolic statements, but this phenomenon is very likely to be the biggest concern for organizations moving forward in the near future.
How does the high visibility of Colonial Pipeline or the Suez Canal incident raise awareness of supply chain risks for companies and regulators?
Yarbrough: These incidents and the pandemic put supply chain risk and continuity into sharp focus for everyone, as many of us felt it, personally, when we couldn't find basic goods at the store. That has really pushed supply chain resilience to the top of everyone's mind.
What's interesting about the Suez Canal is that we've known for a long time that you can have a global pandemic or even a single boat cause massive disruptions for an entire region. So, those single points of failure have now become boardroom relevant and brings all this into sharp focus for everyone involved. It used to be a challenge for those struggling with supply chain compliance and security to get more attention and resources on this. Hopefully, those arguments are not as hard to make anymore because of all of this exposure.
Editor's note: This Q&A has been edited for clarity and brevity.
Jim O'Donnell is a TechTarget news writer who covers ERP and other enterprise applications for SearchSAP and SearchERP.