Bloomberg reported last week that Chinese spies had infiltrated at least 30 U.S. companies — including Amazon, Apple and others — using a tiny microchip hidden on server motherboards. While Apple and Amazon have both issued detailed statements firmly disputing the account, people are stunned by the scope of the hack described.
“If the Bloomberg reporting is accurate, it has uncovered arguably the biggest hack of all time,” writes Dan Goodin for Ars Technica. “If not, it has sent the world down a dangerous and resource-consuming rabbit hole.”
As supply chain professionals, this isn’t the first time you have had to consider cybersecurity. NPR reports that since the early 2000s, the Defense Science Board and others have warned that placing “some type of chip” would be an effective way for intelligence services to gain useful information.
Further, now is certainly not the first time you’ve thought of risk management or supply chain visibility. In response to your needs, we, at APICS, have been significantly augmenting risk management information throughout our body of knowledge and “risk management” remains one of the most common search terms for the APICS website.
As leaders digest the possibility of a hack this extensive; the effects are just starting to be estimated. This is an opportunity to seize the moment and discuss the importance of supply chain transparency and visibility. More importantly, it’s an opportunity for supply chain professionals to demonstrate their competency and expertise — addressing the problem from a remediation perspective as well as a preventive standpoint.
Brian David Johnson, futurist in residence at Arizona State University, understands the intricacies of cybersecurity in supply chains. He is the author of “Two Days After Tuesday: A Science Fiction Prototype,” which imagines how a state-sponsored terror group could attack New York and destabilize the United States, targeting ports and critical supply chains.
“It’s not a surprise that a hack happened or could happen,” Johnson says. “It’s a supply chain problem, and it’s going to take supply chain professionals to fix it.”
Evaluating your supply chains
If you missed the news last week, we’re undergoing the introductory launch of the Association for Supply Chain Management (ASCM), the new global leader in supply chain organizational transformation, innovation and leadership. The full launch will take place in early 2019; however, new tools already exist to help organizations fully harness the power of their supply chains and shield them from risk.
For example, Johnson is working in collaboration with ASCM to offer Threatcasting, a conceptual framework used to envision scenarios and plan against threats that could arise 10 years in the future. Johnson will present a suite of online and in-person content that provides a comprehensive review of the principles and functions of Threatcasting, with exercises to apply the process broadly and then specifically to the challenges found across the extended supply chain.
Additionally, there is the release of the first and only corporate supply chain designation, ASCM SCOR-Enterprise. The SCOR-E framework enables organizations to evaluate their supply chains, and the designation demonstrates a company’s commitment to ethical, economic and ecological supply chains.
For more information about ASCM and its resources, visit ascm.org.