Hybrid threats and the future of supply chain management
The term Hybrid Threat came of age during the global war on terrorism that still plays its rough sport today. Hybrid Threat is used to define threats that combine both regular and irregular forces and all other criminal forces all unified to achieve a mutual goal. Hybrid threats, when used, show the multiplicity of different actors and how complex a conflict, especially in this era can be.
Hybrid Threat in supply chain management is completely different from the counter-terrorism hybrid threat that we all know; however, they both share similar definitive roots. Over the years, specialists and analysts in supply chain risk management have used regular actors such as hurricanes and all other forms of natural and man-made disasters to challenge supply chain risk mitigating strategies and planning designs.
There are other regular actors that threaten most organisation’s supply chains; some of these threats are: regional conflicts and foreseen geo-political landscape alongside socio-economic issues. These and many more are some of the regular actors that most supply chains have to endure to get goods and services from point of origin to their intended customers.
The rise in hybrid threats show that supply chain risk management framework for all organisations must be continuously redefined to meet the ever changing and dynamic vulnerabilities and threats that works against it daily
In the last 2-3 years, we have witnessed a series of actors or supply chain adversaries that have simultaneously and adaptively employed a fused mix of both regular and irregular threats to disrupt global, regional and national supply chains knowingly and unknowingly.
Cyberattack on Maersk, which was estimated to cost the company as much $300 million, Qatar blockade due to alleged terrorism support, Brexit, increased ISIS attacks, increased disputes in international law and governance, challenge to globalisation in the rise of populism ideology, increase in maritime disputes, threat to free trade, NAFTA in limbo, migration issue in Europe and series of political and economic uncertainties.
All of this mention are just some miscellany of already existing threats and new irregular/unconventional threats that reflect significant impact on movement of goods and services globally.
The rise in hybrid threats shows that the supply chain risk management framework for all organisations must be continuously redefined to meet the ever changing and dynamic vulnerabilities and threats that work against it daily. It is one thing for the supply chain to build resiliency in order to efficiently aid the absorption of some of these threats which may be inevitable, and it is another thing to fight against it.
Any supply chain that wants to compete in the future must have a chain that is resilient and that can attack some of these threats as being defensive is not sufficient to subdue some of these threats. Proliferation of advanced technologies and supply chain reliability are high risk areas that are prone to attacks as we move into the supply chain of the future.
The future of the supply chain shows heavy reliance on digital footprint and cyber technologies and these will be areas of interest for different supply chain adversaries whoever they may be. Organisations vulnerabilities are being exploited daily and most organisations are not equipped to deal with the aftermath.
An attack on an organisation has a direct impact on the product and services value as well as its supply chain. Globalisation has facilitated the long supply chain we experience today and the longer the chain, the more complex it is and the more susceptible it becomes.
If product A is manufactured in Country X for consumption in Country B, Country Y is not friendly with Country B but friendly with Country X. Don’t be surprised if you find your supply chain being attacked by Country Y.
Since the inception of supply chain management into the business world, the modus operandi has been to take defensive tactics or modes of operation in aligning themselves within organisations that address supply chain risk management.
This defensive operating mindset can be attributed to how supply chain management came to being in the business world. A lot of organisations still do not see supply chain management as a functional part of an organisation.
Today, we are finally seeing C level positions in a lot of organisations who address supply chain management as a core functional part of its organization. There are still a lot of organisations out there who are still lumping supply chain management with other functional areas within the organisation.
It is this history of slow integration and lack of recognition of supply chain management function within an organisation that has hampered the ability of supply chain risk managers to mitigate future threats.
One of the main defensive tactics of supply chain management should be in its reliance on other functional areas of the organisation before acting.
A lot of supply chain systems are reactionary in nature and with that, defensive mode of operation is the only feasible way to operate. It will be extremely difficult to have an offensive mindset in a reactionary mode of operation.
The threats to the future of the supply chain can only be challenged with a combo of offensive and defensive approaches. Some organisations are already on the defensive and offensive mode of operation while some don’t see the reason to be. This operational mindset will determine the competitiveness of organizations in the future.
We should ask ourselves this “what does it mean to be offensive oriented in your supply chain management?” The answer is simple really; an offensive approach in the supply chain management context is always looking for ways to position an organisation through supply chain management to project power; they do this by always looking for ways to be innovative and counter any perceived weak point before being exploited.
Every supply chain has a weak link, ability to protect and defend the weak link is the difference maker. An offensive approach will not be reliant on other core business functions within the organisation and most importantly, an offensive approach seeks out ways to understand and approach challenges ahead of its time of impact.
The future of the supply chain is dense on cyber technology and with that comes hybrid threats and challenges which cannot be combated with today’s mitigating strategies.
As the population increases around the world, despite the populism movement and its protectionist ideas, I do not see how populism is set to impact the future of the supply chain rather than being an irregular force.
Supply Chain of services and products will become more complex and human wants are more insatiable, and that is why the need for supply chain risk managers to be more proactive and be offensive oriented in their approach is now.
This past week, we learnt that 57 million Uber drivers and riders information were hacked last year and this is just of the few reported hacks that affected related consumers. The traditional supplier mapping against an overlay of geo-cultural/political landscapes to determine propensity of traditional supply chain threats due to historic events will not be enough to position any supply chain to challenge any dynamic hybrid threats that would spring up in coming days, months or years.
Risk assessment and risk management for hybrid threats are not the same as the traditional threats we have faced before. These unprecedented mixtures of non-state actors in terms of threats to the supply chain will continue to increase in the future, so long as the increase in demographic shifts continues thereby encouraging more reliance on resource scarcity.
With these new changes in what is expected of the supply chain of the future in respect to hybrid threats, supply chain professionals must equip themselves with an additional set of skills to be able to drive value in making their supply chains ready for the future and in a bid to further build and strengthen supply chain resiliency.
Supply Chain professionals are encouraged to seek new knowledge in areas of economics and trade, national and international policies, data mining and data analytics, digital supply chains, programming and coding to a large extent and most importantly having a deep understanding of their own geo-political landscape and how it affects their suppliers and vice versa.
As the future of supply chain is set to embrace the use of block-chain technology, internet of things, machine learning and all its derivatives, the question we should be prepared to answer are, “How are different organisation getting their supply chain ready for the different vulnerabilities that comes with these new technologies?, Are proper risk assessment done to gauge the threat level associated with supply chain future?
Are the supply chain professionals within the organisations equipped to face challenges that comes with dealing with supply chain of the future?, Are the risks worth the effort?, What type of risks are organizations willing to tackle offensively?, Is the current supply chain resilient enough to be defensive?, What is the cost of allowing some of these threats to fall through?” These and many other questions should be raised as organisations prepare their supply chain for things to come.
There is no template or cookie cutter approach to designing a resilient supply chain as every organisation is different. A high risk threat to Company A might be an extremely low risk threat to that of Company B. Asking the right questions and equipping professionals with necessary tools to aid the identification, and designing of a supply chain that fully understands and takes into account the dynamic environment with the best interest of all its stakeholders at heart.