1 / 22

Supply Chain Response to Global Terrorism: A Situation Scan Corporate Response

Supply Chain Response to Global Terrorism: A Situation Scan Corporate Response A Research Project Update to ISCM Sponsors by The SC Response to GT Team October 16, 2002 Outline Work done so far Security: Transports Information Infrastructure? Resilience

Solomon
Download Presentation

Supply Chain Response to Global Terrorism: A Situation Scan Corporate Response

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Supply Chain Response to Global Terrorism: A Situation ScanCorporate Response A Research Project Update to ISCM Sponsors by The SC Response to GT Team October 16, 2002

  2. Outline • Work done so far • Security: • Transports • Information • Infrastructure? • Resilience • Supply Chain strategies after 11/9 • Public and private initiatives • Open Issues from Sheffi’s work • Next steps • Discussion

  3. Work done so far Literature review through more than 150 papers, articles and documents from different sources. The most relevant are: • Academic Journals: • International Journal of Logistic Management, International Journal of Physical Distribution & Logistics Management, The Journal of Supply Chain Management, Harvard Business Review • Industry Journals: • Supply Chain Management Review, Journal of Commerce, World Trade, Traffic World, Computerworld, Material Handling Management , Informationweek • Newspapers and magazines: • The Economist, Business Week, The NY Times, The Wall Street Journal, Observer • Governmental agencies and committees: • The President’s Critical Infrastructure Protection Board, D.o.T. Federal Transit Administration • Conferences: • Forum on Intermodal Freight Transport, Federal Forecasters Conference • Universities and research centers: • Central Michigan University (for CLM), Carnegie Mellon University • Consulting firms: • The McKinsey Quarterly, Strategy+Business (Booz, Allen and Hamilton)

  4. Security: The Transportation Issue • Stricter controls at the borders: • More work for Customs, and also longer clearance time, resulting in delays and extra costs. • Changes in supply and distribution patterns: • E.g. Emery Worldwide reported a shift towards lower cost modes of transportation to compensate the cost of security. • Who is going to pay for it? • The answer so far has been “make the user pay”… • …but security is a national issue, shippers say, thus the government should pick up the cost. • Does the general public want to pay for security in form of a tax or as part of the cost of goods? • Advantages exist for major, well known carriers • Carriers with both resources to provide higher security and good reputation are better positioned in the market. • E.g. Michelin and Unilever rely on established relationships with carriers to ensure security in their imports.

  5. Security in Transportation: the Technological Answer The most common answer to security concerns so far seems to be the use of technology. Many applications developed to prevent people from stealing goods from a container also can work to prevent people from putting inside anything else: • Supply chain software (e.g. asset management tools and logistics portals) • Can be tuned to accommodate security applications • Radio frequency identification (RFID) • Allows Automatic Equipment Identification, thus enhancing visibility • Electronic seals • Allow full-time monitoring, in order to detect any attempt of cargo tampering

  6. Security in Transportation: the Technological Answer • Security sensors • Can monitor cargo and conveyance conditions (e.g. contraband “sniffers”) • Wide area communications and tracking • Platform that can exploit condition sensors, transaction confirmation tools and GPS-like geo-location information to provide complete real-time monitoring • Biometrics and smart cards • Fingerprints, hand geometry, eye-retinal, eye-iris, facial recognition, voice recognition and dynamic signature, combined with smartcards, can increase security …but the lack of standards limits their use!

  7. Security: the Information Issue • Already a major concern before 9/11…

  8. Information Security: National Priority • …Today it’s a national priority • 3,700 attacks reported in 1998* • Expect more than 110,000 in 2002 at current rates • The real dimension of the problem is still underestimated • Due to both the limited information available and the difficulties in evaluating the cost that companies are facing. • The President’s Critical Infrastructure Protection Board takes action • Prepared The National Strategy to Secure Cyberspace. * Per Carnegie Mellon University’s Computer Emergency Response Team’s Coordination Center

  9. Information Security: New Vulnerabilities • ….And new vulnerabilities include: • Borderless networks: New vulnerabilities are created when partners are granted access to the company network. Collaborative solutions imply new threats. • Mainframe computers: They received limited attention for security so far, but their connection to the Internet expose them to new risks. • Instant messaging: This tool can bypass both firewalls and anti-virus, thus creating breaches in the security apparatus. • Insider threats: Approx. 70% of all cyber attacks are believed to be perpetrated by trusted “insiders”, i.e. authorized personnel with access to the information system.

  10. Information Security Tools The National Strategy to Secure Cyberspace suggests a range of A.C.T.I.O.N.S.: • Authentication: • Processes, procedures and devices to ensure the identity of network users. • Configuration management: • Plan network architecture and manage hardware, software and responsibilities with security in mind. • Training: • Train employees on information security practices and foster an enterprise security culture. • Incident response: • Develop capabilities to respond to incidents, mitigating damages and recovering systems. • Organization network: • Have security, IT, and risk management functions working together. • Network management: • Assess, remediate and monitor network vulnerabilities. • Smart procurement: • Ensure that security is embedded in the systems. Not only hardware and software tools then, but a comprehensive approach to information security.

  11. Resilience: a New Issue? • Resilience is the ability to bend and bounce back from hardship. • As a personal characteristic, it has been studied for 40 years by psychologists and psychoanalysts. • Today, this word is widely used for companies: • In this case, it refers to the ability of a company to react to an unexpected disruption and restore its normal operations. • A new concept or just a new word for flexibility, agility or adaptability? • Resilience refers to a major disruption in the firm’s facilities, infrastructure or environment, due to factors that are external to market, economic or technological dynamics. • Examples: • Morgan Stanley immediately evacuated the WTC on 9/11, losing “only” 7 of its 2,700 employees, and continued business in its three pre-arranged recovery-sites. • UPS was delivering packages in southeast Florida just one day after Hurricane Andrew, even to customers living in cars.

  12. How can Resilience be acquired? • Assessing current vulnerabilities and risks faced by the company. • From a supply chain perspective, i.e. considering customers, suppliers and other partners. • Developing or adapting contingency plans. • In light of the magnitude of disruption that today is considered possible. • Building a continuity management infrastructure and training people. • The first ingredient for resilience is people, how they are organized and trained, and clear responsibilities in case of emergency. • Involving strategic partners. • A supply chain is as strong only as its weakest link. • How can resilience be measured? • Is resilience something you can measure only after a disruption has occurred? • An indirect measure could be the extent to which your company is prepared to face disruption.

  13. Supply Chain Strategies after 9/11 • Bringing suppliers closer to the factory: • Ford is building a supplier park near Chicago, to concentrate a large number of its tier 1 and tier 2 suppliers. • Alternative transportation modes as backup: • Chrysler used expedited truck service to backup air freight for parts from Virginia to Mexico immediately after 9/11. • Continental Teves used existing contingency relationships with carriers such as Emery to supplement air cargo delivery after 9/11. • Pfizer built strong relationships with carriers to be able to arrange fast ground transport in case the air system is shut down.

  14. Supply Chain Strategies after 9/11 • Decentralized distribution: • Abbott Labs is expanding its distribution of some products that were previously concentrated, due to high value and handling requirements. • Automation in material handling: • Hewlett Packard is increasing automation to increase both efficiency and security • Electronic seals and sensors on cargo: • Dell is using smart seals on containers to indicate if they were opened during transport. • Wal-Mart adopted temperature monitors on trailers to ensure meat safety. • Corporate & Corporate-Government Alliances

  15. Initiatives Currently in Place • Customs (Department of the Treasury): • Customs-Trade Partnership Against Terrorism (C-TPAT): • Certified companies assume responsibility for cargo security and are granted “fast lanes” at Customs. • Container Security Initiative (CSI): • Identify and pre-screen high-risk containers before they arrive in the U.S., exploiting the latest technologies. • Automated Commercial Environment (ACE): • Information technology system to process goods and merchandise imported in the U.S. • Business Anti-Smuggling Coalition (BASC): • A business-led, U.S. Customs-supported alliance created to combat narcotic smuggling via commercial trade. • Carrier, Land Border Carrier and Super Carrier Initiatives: • Anti-drug smuggling training to air, sea and land commercial transportation companies. • The Treasury Advisory Committee on the Commercial Operations of the US Customs Service (COAC): • Representatives of the trade industry at large, including importers, ports, customhouse brokers, trade attorneys and carriers.

  16. Initiatives Currently in Place • Department of Transportation: • Marine Transportation System National Advisory Council (MTSNAC): • 30 senior-level representatives from transportation-related organizations. • National Infrastructure Security Committee (NISC): • Officials from the DoT and US Customs. • Joint initiative of the Customs and the Coast Guard (DoT): • Operation Safe Commerce: • Tracking goods from the source to the destination in the U.S. • Homeland Security • Homeland Security Advisory Council: • A group of 21 leaders from business, academia and state and local government that advise the Bush administration. • National Infrastructure Protection Center (NIPC): • Representatives from U.S. federal, state, and local Government agencies, and the private sector housed at FBI HQ, focused on protecting IT infrastructure. • DoC – Technology Administration • National Institute for Standards and Technology (NIST) • Computer Security Division (CSD)

  17. Initiatives Currently in Place • Industry • Smart and Secure Tradelanes (SST): • A seaport operators driven initiative to deploy the Total Asset Visibility (TAV) network (pioneered by the DoD), in order to improve tracking and security of shipments. • Strategic Council on Security Technology (SCST) • Council of Security & Strategic Technology Organizations (COSTO) • Technology Asset Protection Association (TAPA) • Business Executives for National Security (BENS) • Advanced Medical Technology Association (AdvaMed) • National Petrochemicals & Refiners Association (NPRA) • American Chemistry Council (ACC) • National Industrial Transportation League (NITL) • …

  18. Open Issues from Sheffi’s work • Efficiency Vs. Redundancy: • Evidence so far shows that efficiency is sacrificed only when the risk is very high. • Many claim for improving both efficiency and security, but solutions are still lacking. • Collaboration Vs. Secrecy: • Evidence so far shows an increase in collaboration aimed at improving security, within both the private and the public sectors. • Higher attention is given to choosing and monitoring partners, since they can introduce vulnerabilities. • Centralization Vs. Dispersion: • Evidence so far does not show clear patterns. • The decision driver is the risk perceived (i.e. whether vulnerability is linked more to facilities or to transportation).

  19. Open Issues from Sheffi’s work • Lowest Bidder Vs. Known Supplier: • Evidence so far shows a shift towards the second. • The cost of security, in terms of both risk and prevention, often outbalances the savings offered by the lowest bidder. • Security Vs. Privacy: • Evidence seems to show a general shift of attention towards security, even if privacy is at a stake. • The issue needs to be managed at regulatory level, anyway the trend today is towards allowing higher freedom to public agencies, while private subjects are still limited.

  20. Next Steps • Situation scan through phone interviews • The goal is identifying leading practices and spotting out new approaches. • Approx. 20 leading companies. • In depth analysis of interesting cases • The goal is obtaining a detailed picture of strategic and operational rationale behind advanced security strategies • A few case studies

  21. Discussion • What compromises has your company made to increase security? • Who is in charge of security within your organization? • What are you doing to assess the vulnerability of your supply chain? • Is your company resilient? How do you measure it? • Is your company participating in any public or private security initiative? In which way?

  22. Suggested References • Sheffi, Y. (2001), “Supply Chain Management under the Threat of International Terrorism”, The International Journal of Logistics Management, Vol. 12, No. 12, pp. 1-11. • Martha, J., Subbakrishna, S. (2002), “Targeting a just-in-case Supply Chain for the Inevitable Next Disaster”, Supply Chain Management Review, September/October, pp. 18-23. • Coutu D.L. (2002), “How Resilience Works”, Harvard Business Review, May. • Andel. T. (2002), “The new world of global distribution”, Material Handling Management, Vol. 57, No. 1, pp. 24-26. • Hulme, G.V. (2001), “Management takes notice”, Informationweek, September 3, pp. 28-34. • Hulme, G.V. (2002), “In Lockstep On Security”, Informationweek, March 18, pp. 38-52.

More Related