Corporates Urged To Take An Introspective Look At Supply Chain Risk

Corporates Urged To Take An Introspective Look At Supply Chain Risk

From the coronavirus crisis to REvil ransomware attacks to the Suez Canal blockage, the volume of supply chain disruptions continues to grow, and businesses have their hands full with mitigating risk on multiple fronts.

Jennifer Bisceglie, founder and CEO of Interos, said the damaging results of these events tend to share one thing: “It’s a perfect storm coming together of physical, digital, human and natural disasters and mistakes,” Bisceglie told PYMNTS in a recent interview. “The common denominator for all of this is the utter lack of visibility.”

As organizations prioritize supply chain risk mitigation and supplier management, firms are taking a more strategic look at how to minimize disruption. But there are some missteps that companies continue to make, Bisceglie noted, and as companies begin to hold their suppliers more accountable for their supply chain stability, they must also hold themselves to those high standards too, she said.

Evolving Risks

Natural disasters and human error have always threatened the function of global supply chains. But today’s biggest risks between buyers and suppliers are more complicated and multifaceted than ever before.

“We can no longer separate the physical and the digital supply chain,” said Bisceglie. “And you can’t separate the financial liability of companies, the operational risks where companies are operating, from the exposure to cyber risks.”

Organizations taking a more progressive stance against supply chain disruption must examine both the physical and the digital elements of their exposures. Further elevating this fight is the ability to embrace continual analysis of supply chain threats.

“The biggest problem is to ever think that you have managed the risk in your supply chain by doing point-in-time survey assessments,” Bisceglie said. “We have to focus on continuous monitoring. Because when anything happens in the world, there is a ripple effect to all connected businesses.”

Digital threats like business email compromise (BEC) or ransomware reflect how malicious actors are penetrating an organization’s safeguards from multiple angles and can strike at any moment. A point-in-time assessment of a supplier’s email security protocols do not necessarily guarantee a cyberattack will not impact that partner in the future.

All In This Together 

Another potentially disastrous oversight organizations can make is failing to understand the domino effects of their own actions, not only upon tier-one suppliers but far further down the supply chain.

Delayed and late B2B payments can create widespread disruption with sometimes fatal consequences for a business, for example.

“There is always a chance you’re going to inadvertently put somebody out of business,” Bisceglie warned, who noted that, as organizations took stock of their financial positions and secured stimulus funding, many had to pick and choose with vendors to pay and pay on time. “The financial ramifications can be a big negative.”

These scenarios create an extra dynamic of disruption to the financial supply chain in addition to the threats that can disrupt the physical supply chain. And while one business’s delayed B2B payment may not immediately appear to have many consequences, that supplier’s inability to pay their own vendors can quickly throw a supply chain out of whack.

This raises yet another concept that some organizations may struggle to grasp as they intensify their supplier management efforts.

As Bisceglie highlighted, third-party risk analysis is important, but it’s just as important for a business to understand its own position in the supply chain as a partner.

“You may look at your third party to see how they are operating,” she said. “But you’re also someone else’s third party.”

She went on to say firms must reframe how they strategically examine supply chain management as an effort in which the businesses can become part of the solution and risk-mitigating effort. Continuous monitoring of suppliers is important, yes, but so is continuous monitoring of one’s own risk exposure, response plans and decision making.

Today, organizations can no longer settle with risk transference, holding their vendors to higher standards to combat supply chain disruption. They must hold themselves to higher standards too.

“Those that are going to get out the strongest really need to be focused on supply chain risk,” said Bisceglie. And that goes for their supply chain partners and for themselves.