Enterprise supply chains have seen transformative changes and exponential growth, almost to a breaking point, over the past decade. This disruption is driven by multiple factors, including the growth of the supply chain itself to include potentially thousands of global partners, often with their own agendas, technologies, security protocols and strategic plans that may not intersect.
Common supply chain bottlenecks may include poor forecast accuracy levels, an inability to make full use of available big data, and challenges in implementing uniform security across a large and loosely-connected supply chain.
The large volume of data being generated throughout the supply chain by every participant holds great potential for drawing insights, forecasting, and spotting new opportunities, but at the same time, that same volume of data presents three very real challenges – making sense of the data and drawing insights from it, sharing those insights across the entire trading value chain, and protecting the data from cyberattack.
More often than not, the sheer volume of data involved – much of it unstructured and coming from multiple sources and often over unprotected networks – overwhelms those tasked with making sense of it.
A new look at Joint Business Planning
Larger supply chains tend to be one-sided, with decisions being made and tactics being driven by the largest party involved, with little input from smaller parties. At the same time, the larger party is receiving large amounts of data from all of those trading partners, but the insights tend to favor the larger party – and data is often not shared for the benefit of all.
Ric Noreen, Managing Partner at Waypoint Strategic Solutions, suggests in a recent article in Sales & Marketing Management that joint business plans are seldom as collaborative as they need to be, noting that "Because they are written from the supplier's point of view, they favor their growth priorities and discount what the retailer or distributor's strategies are for the category."
As such, JBP may actually be more of a deterrent than a solution. Noreen suggests a move towards "JBP 2.0," which shares the process equally on more of a collaborative basis, and with a longer planning horizon.
Risk management and protecting the supply chain's data
As supply chains gain more and more partners, creating a risk profile must extend beyond an inward-looking approach to include a full risk analysis of the entire trading ecosystem. Huge amounts of data may be flowing into the main trading partner's network from multiple sources, over unprotected networks, a factor that calls for rigorous penetration testing – not just on the larger partner's network, but on the networks of all trading partners in the supply chain.
This analysis will include external factors such as macroeconomic realities that may exist in other countries, political issues such as new tariffs which may impact cost, and transportation challenges. Internally, risk factors impacting the trading ecosystem will include each partners' relative maturity and standing in the industry, and cybersecurity throughout the trading network. A trading network with multiple partners in several countries may be especially vulnerable to intentional hacks or unintentional flaws which may bring down the system. Periodic cybersecurity audits and rigorous penetration testing for each partner has become essential. A security breach in one trading partner's internal network could potentially affect the entire trading ecosystem.
Penetration testing has become important in maintaining a strong and effective supply chain. In a white paper published by UK penetration testing company Bulletproof, it is noted that several current regulations, standards and best practices either require or recommend penetration testing. Standards that specifically call out for penetration testing include PCI DSS, ISO 278001, FCA, HMG and CoCo. While compliance does not absolutely guarantee security, these standards do provide good direction as to what is needed to ensure the entire supply chain is in a good overall state of security.
Turning the supply chain into a competitive weapon
"Many companies struggle to figure out how to actually put together a true level of competitive differentiation through their supply chain," says Steven Bowen, CEO of procurement, operations and logistics consultancy Maine Pointe. "That's when you turn your supply chain into a competitive weapon." Bowen notes that over 90 percent of all the data in the world has been created in the last 24 months. "The availability of data and analytics is so vastly different today than it was two years ago, much less how it may have been 15 or 25 years ago."
When every part of the supply chain participates equally in developing their plans and initiatives, risks are evaluated uniformly and across the board, and cybersecurity audits and penetration tests are used to uncover weak points in the infrastructures and networks of all parties, risks are minimized, and each member of the value chain will enjoy a more sustainable path to growth and profitability.