Back to all Blogs »

China has become the world’s strongest major economy thanks to our desire for buying the cheapest but what does the current situation show us about supply chain risk?

Whilst China’s record on wild animal trading leaves a lot to be desired, it’s probably going to receive an unfair level of blame in the case of the COVID-19 outbreak. After all, Western countries have merrily been factory farming for decades now despite repeated warnings of the consequences. However memories are relatively short and in all likelihood we will go back to forgiving China for this in a year or two, as we have forgiven them for their human rights record, their record on intellectual property, their record on economic process, etc. In the end society has bought into the concept of more is more, and there’s nothing like cheap stuff to accumulate more. If China is making it cheaply, then we will buy it.

What might actually create greater economic pain for China than the political fallout is the growing focus on risk management. In the current pandemic, with countries going into lockdown, countries coming out of lockdown, consumer value judgements changing and other fluid variables, we’re in a time of greater volatility than perhaps previously seen in the modern era. Business managers everywhere are grappling with a wild variations in demand, constantly changing operational and human challenges, not to mention an unstable supply chain environment. While there has been progress in digital integration of supply chains, many will be wishing they had more visibility and agility right now.

Supply Chain Diversification, Balancing & Agility

As many commentators have pointed out, this pandemic is in no way a surprise. It was entirely expected by science and now we’ve seen the that scientists were right, we will perhaps be more inclined to prepare ourselves when they tell us it will happen again, not to mention other projected risks that may impact the global supply chain. That means a real shift in supply chain strategies, moving from simply having more than one supplier, to having suppliers across diverse regions and integrating more with those suppliers. Supply Chain diversification, supply chain balancing, supply chain agility. All of these will drive us away from a consolidated manufacturing base and toward something that is more regionally diverse, and shifts and adapts more quickly.

Supply Chain RisksIn terms of agility, digital relationships will become a focal point from a risk perspective. Historically IT integrations with suppliers was enabled to deliver efficiencies and automation, but supply chain visibility, capacity flexibility and dependencies will all now be more prominent in managers thoughts. All this is already creating an acceleration in commitments from manufacturers in investments around digital supply chains and industry 4.0. What may not be as close to the front of their minds is the security implications of that broader supply chain system. A chain is only as strong as it’s weakest link, both in terms of product resilience but also cyber resilience. Research suggests that more than half of businesses don’t have complete visibility of their supply chain, so the possibility of a weakness must currently rank as high.

Looking at geographic diversification of supply chains, risk assessments of new suppliers will be covering many aspects such as infrastructure, legal, labour supply, communications and security, and while we’re focused on pandemics right now, there are plenty of other risks waiting to give managers future headaches. The environment and severe climate events is an obvious candidate but another kind of viral problem, cyber-crime sits right up there in terms of the likelihood and impact of events.

Supply Chain Risk
Scatter plot showing likelihood and impact of potential risks. World Economic Forum Global Risks Report 2020

Put these 2 factors together and you have an attention grabbing threat that has the potential to undo a lot of the good work being done in other areas by stakeholders, in ensuring we are both adapting to a pandemic world and ensuring we’re better prepared next time. With supply chain automation already high on the agenda for many businesses pre pandemic, the acceleration in adoption that’s coming should push this issue right up there on businesses priorities.

An Effective Risk Management Platform

As with many aspects of business, where moving into the 21st century we grapple with the true complexity of the systems and environments we operate in, tools are more critical than ever to enable monitoring and good decision making. One example of this is Accelerate Technology’s risk management platform for cyber security. This effective platform not only offers a structured and manageable approach to an organisations cyber risk management, but also including a supply chain module that is fit for purpose in assessing new and indeed existing suppliers. This is a requirement for any business with ISO27001 or an intention to qualify.

Instead of recording cyber and supply chain risk through endless and cumbersome Excel spreadsheets, or attempting to manage the responses or accuracy of your supply chain through email audits, it is possible to create a joined-up approach to supplier management and understand the associated risks to the business. This understanding in turn enables management to gain a clearer view of what their risks are and what actions could be appropriate, not just at that point but over time. As more high-profile breaches occur it could be of some comfort to know an organisations exposure.

In conclusion, a risk ready supply chain will mean both diversifying supplier regions (a China+1 approach as some would call it) and building more agility into the relationships with increasing digitisation of that supply chain. Getting to grips with that wider system will not be a simple task for management, especially in the deeper, more co-dependent chains but it’s a task worthy of investment. Here’s to embracing the challenge… and the tools.

Take the next step with Accelerate Technologies, contact the team to discover more about cyber risk and compliance solutions or to learn more about our comprehensive Cyber Security Assessment service.


Subscribe to Cyber Security & Resilience Insights