The following is a companion piece to our recent webinar, “Supply Chain Security: Managing Risk Amidst a Changing Geopolitical Landscape,” which you can watch on our website.
—
For the last decade, the public and private sectors have faced increasing complications managing complex and dispersed international supply chains. The issues confronted are extensive, including physical and cybersecurity vulnerabilities, trade and customs compliance, the threat of malign foreign influence, and supply chain resiliency. In 2020, these trendlines have accelerated further, with organizations now having to manage the COVID-19 pandemic, heightened geopolitical tensions, and natural disasters, creating a series of disruptions unrivaled in modern history.
Evolving Factors Challenging the Global Supply Chain
At the heart of the issue is the global system itself. A decades-long focus on supply chain optimization, leaner inventories, and asset utilization has removed many of the buffers that would otherwise help absorb major disruptions. The global pandemic exposed just how vulnerable traditional supply chain models are from a resiliency standpoint, with global shortages in Personal Protective Equipment (PPE), pharmaceuticals, and even food on grocery store shelves a few of the notable case studies.
Alongside this, after decades of economic integration, there is a real appetite to decouple the Chinese-American relationship on national security grounds. In the wake of significant Chinese investment into the U.S. technology sector and subsequent transfer of technology, the U.S. Congress has passed bipartisan Foreign Investment Risk Review Modernization Act (FIRRMA) legislation to update Committee of Foreign Investment in the United States (CFIUS) regulations to prevent the loss of key technologies and thwart the siphoning of sensitive data.
The moves to bring back semiconductors and pharmaceuticals are likely just the beginning of the push to reinvent global supply chains and move them away from China. However, with every effort to decouple we learn more about the dependencies between companies in the U.S. and China, and the second and third order effects for those caught in the middle.
Risk Management, Not Risk Elimination
When confronting these varied challenges, it is not about risk elimination, but managing risk, anticipating disruptions, and planning appropriate contingencies.
From our perspective, there are five key elements that can be applied to risk management across physical and technology supply chains, outlined below. While specific approaches depend on where you sit within your organization, as well as the nature of the business itself, these elements serve as a baseline that can be applied to any security program.
1) Visibility: Do we have centralized visibility on providers of goods and services to our organization?
2) Risk: Do we understand key risk factors, such as strategic suppliers and where products are developed?
3) Defense-in-Depth: What controls are in place to limit risk, and do these apply across the full lifecycle of the product or service?
4) Contingency Planning: Have we conducted global scenario planning that considers issues like alternative sources of supply?
5) Testing and Validation: What do we have in place to continuously assess and validate suppliers?
Crafting a Supply Chain Risk Management Approach
While many of these issues affect a wide variety of stakeholders in different ways, the evolution of some of the most serious disruptions and security incidents suggest an increasing number of commonalities between CSOs, CISOs, Supply Chain Managers, General Counsels, and their counterparts in the government.
Given the varied threats, a proactive and a holistic approach must be a top priority for organizations looking to better prevent, respond to, and recover from supply chain disruptions in the future.
For more insight, watch our recent webinar, “Supply Chain Security: Managing Risk Amidst a Changing Geopolitical Landscape,” that discusses:
- Supply chain risk posed by the evolving geopolitical landscape and COVID-19 pandemic
- Foreign influence considerations for the global supply chain and takeaways from the CFIUS approval process
- Adaptable frameworks for supply chain risk management
- Key considerations for executives and supply chain practitioners over the next five years
Offering unparalleled insights into Client supply chains, and using our SAFETY Act designated risk management methodology, The Chertoff Group helps Clients assess, mitigate, and monitor supply chain risk in today’s dynamic environment. Through our network of providers, our Supply Chain Risk Management process addresses challenges at all nodes of our Clients’ supply chains.
{{cta(’53cea5ce-3298-4c85-93a4-0efde851409b’,’justifycenter’)}}
