If 2021 was about knowing what’s hiding in the crevices of your supplier network, 2022 is about illuminating and combatting new types of supply chain risk. What’s making our team toss and turn? Get your nightlights ready.
We asked our experts about the Top Supply Chain Risk categories we’re frontrunning for our clients – from C-Suite to boards, supply chain analysts and procurement teams:
Deep Supply Chain Network Risk
The most well-equipped and technologically advanced threat actors – many powered by nation states – understand that the most advanced firms no longer have traditionally exploitable attack surfaces. They have, in turn, begun to leverage non-traditional threat vectors such as less secure secondary suppliers (or fourth party or deeper vendors). These may be providing inconspicuous widgets or insecure software installations which can be used for attacks. The most forward-thinking firms have started to manage beyond their direct supplier and vendor risk(s). They are harnessing deep machine learning and AI technologies to analyze and scan their truly cavernous supplier networks. This technology can analyze billions of supply chain records from disparate sources across hardware and software supply signals. They dig deep into their supply chains to mitigate indirect, inherited risks today to avoid being exploited tomorrow.
– Skyler Chi, Director, Deputy Global Head of SCRM & TPRM
There has been rising geopolitical and commercial disruption stemming from the continuing U.S. – China uncoupling. As a result, we are predicting increasing U.S. blacklisting of Chinese firms, like the China Telecom ban this past October. It’s also likely the Chinese Communist Party (CCP) will externally express their aggression toward the U.S. and the West through overt economic coercion and market abuse, as well as covert cyber campaigns, espionage, and associated IP theft. Meanwhile, there will be unpredictability within the CCP directed at its own key industrial and economic sectors through stricter regulation. Individually and combined, these three avenues will cause supply chain shocks that will impact the U.S. and most other economies. It will consequently drive U.S. onshoring of manufacturing deemed critical to national security. If China attacks Taiwan, absorbing its advanced semiconductor production capability, the global semiconductor supply chain will be thrown into disarray.
– Tim Stone, Senior Director, Supply Chain Risk Management
Modern Slavery Risk
Regulatory and consumer pressure have made Modern Slavery Risk a key supply chain focus going into 2022. The current administration is taking measures against forced labor. This is forcing companies to address the risks that lie deep in their supply chain. They are beginning this journey by asking questions such as who their suppliers’ suppliers are and where are raw materials in their products produced. Companies should also seek tools that utilize real-time information to proactively identify, mitigate, and manage these risks.
– Dan Banes, President, Commercial Tech
Cyber Security Risk
Cyber risk indicators generated by severe vulnerabilities targeted by hackers, like Log4j, will continue to multiply in 2022. Therefore organizations have to confirm their own systems are mitigating these vulnerabilities and confirm that their partners throughout their supply chain do the same. Regulations are on the rise in the cyber security practice arena for critical infrastructure/federal system operators. Those controls will increase as mandated best practices switch from self-assessments to third party certified standards. Organizations will have to know how protected and prepared their partners are for everything; from ransomware to alternatives for resilience when systems go down.
– Matt Hayden, Senior Vice President, Exiger Government Solutions
Environmental, social and corporate governance (ESG) risk indicators are not a nice-to-have anymore, but a must-have. The discussion around what those indicators are and should look like when assessing third parties and their supply chains will continue into 2022. Regulators and consumers will continue to weigh in, and technology and data firms will refine their methods to compete in providing the best-in-class tools. One thing is certain, doing nothing is not good enough. Also, consumers are aware that big corporates have found ways to look like they are taking ESG seriously. However, their supply chains tell a different story. Tools which visualize the problem and provide actionable intelligence will be key for corporates in order to write those stories and mitigate the associated risks next year and beyond.
– Erika Peters, Managing Director, Global Head of SCRM & TPRM
Persistent Monitoring of Supply Chain Risk
Long gone is any hesitance to comprehensively (or strategically) invest in supply chain technology. The last several years demonstrate the necessity to utilize multi-tier, multi-dimension supply chain network risk analytics to manage risk. Business continuity and competitive advantage requires an evolution from outdated SCRM programs that provide limited and reactive data. Instead, they need more mature SCRM programs that provide proactive, anticipatory and/or predictive SCRM insights with real-time data. It is an exciting time to be part of a national security and nation-wide solution, working in partnership with the U.S. Government, Defense Industrial Base, and Commercial clients as they develop adaptable business models, plans, and solutions to drive informed decisions. Using technology to recognize key risks, pain points, and anticipate supply chain costs and disruptions will continue to be critical to respond to operational challenges, adversarial threats, and to seize business opportunities.
– Jennifer Nestor, Senior Director, Exiger Government Solutions