Supply Chain

Is Supply Chain Software Risky Business?

An image of a cloud that conveys cloud computing.

Keynote speakers, thought leaders and industry publications show no signs of slowing when it comes to evangelizing the benefits of the supply chain’s digital transformation. With its promises to save you time and money, the market has exploded with offerings of cloud-based solutions, IoT devices and a legion of outsourced practitioners who can make all of your spend visibility and risk management dreams come true. But for all the benefits touted, what is often left out of the conversation is the topic of security, especially as it relates to third-party vendors.

The Path of Least Resistance

As hackers become cleverer in their approaches, they’ve moved from directly attacking large organizations to exploiting vulnerabilities and penetrating third-party cloud software, apps and IoT devices to implant malware directly into the software or steal login credentials. “The challenge with supply chains is that they are multifaceted and there are many places where a hacker can enter,” says Brandon Curry, Senior Vice President with NTT Communications. Curry, who is also a Certified Ethical Hacker, frequently reports on trends in cloud and supply chain software security. He notes that the top cost of a supply chain breach is legal and reputational costs, with software supply chain attacks costing an average $1.1 million per attack globally.

Compromised software is one of the primary causes of supply chain software breaches, and the damage isn’t limited to grabbing customer credit card numbers or personally identifiable information (PII). Hackers are also looking to steal intellectual property, mine your customer base, counterfeit your product and take over your market share.

Stacy Mendoza, Digital Marketing Specialist

Supply Chain Mobility: Sourcing Tomorrow’s Business

There’s a lot of talk regarding all the ways technology is going to revolutionize procurement. Blockchain can increase supply chain visibility, the Internet of Things (IoT) can change the way our business devices communicate with each other, etc…But what type of innovations are available at the sourcing level?

From paper RFPs to conferences, it seems the way we source business has largely remained the same. Procurement teams are limited to siloed, outdated supplier databases and incomplete business information when attempting to make business decisions. It’s expensive and time-consuming to get a holistic picture of a supplier’s business health and mitigate third-party risk. How can we adapt today’s technology for tomorrow’s sourcing needs? Here are a few innovative ways that your organization can source business:

Daryl Hammett, CSMP, CSP, General Manager/Chief Operating Officer, ConnXus

Interview with Kevin Nash, VP and CPO, Health Care Services Corporation

An image of the Chicago skyline.

Kevin Nash is the Vice President Chief Procurement Officer at Health Care Services Corporation, a Blue Cross Blue Shield Company. As an experienced executive in procurement, sourcing and supply chain operations, Kevin manages over 100 people who oversee a wide range of functions from sourcing and contracting to regulatory requirements. Kevin shares his tips to keep a large team organized, his outlook on the growing role of procurement in organizations, and his advice for those looking to be better procurement professionals and team leaders.

Can you talk about your background and education--how did you get involved in procurement?

Like many procurement professionals, I stumbled upon procurement early in my career and found it to be an interesting and exciting area to work. After graduating with a degree in engineering, I started my career at GE supporting a manufacturing process. While in manufacturing, I began to focus on supply chain because we were experiencing frequent supply chain and inventory issues that were significantly impacting the ability to meet the production schedule. After finishing my MBA and leaving GE, I joined a consulting firm and continued to focus on supply chain with an emphasis on procurement. While in consulting, I transitioned from focusing on the supply chain for direct material to supply chain and procurement in service-orientated companies.

Stacy Mendoza, Digital Marketing Specialist

Sustainability in Sourcing Part II: Sourcing's Role

An image of a glass globe in the forest.

In previous blogs, SIG has covered the basic concept of sustainability, including an overview of its various dimensions. In this post, I will touch on the role that sourcing professionals can have in meeting corporate sustainability goals.

Why should sourcing have a role?

Sourcing is uniquely positioned to contribute to meeting a corporation's sustainability goals because sourcing typically has expertise in:

  • Creating alignment to corporate goals
  • Building frameworks to measure success
  • Researching market conditions and supplier capabilities
  • Conducting strategic negotiations 
  • Designing innovative methods for value creation
  • Ranking the priorities of stakeholders with supplier offerings   
  • Identifying risk and mitigating responsibly

The reduction in costs after implementing a sustainability program can exceed the costs of implementation – in other words, you’re spending money up front but in the long run, you save more than you spend. For example, if an organization were to target the spend category of corporate services and facilities management (FM), capital may be invested in working with a supplier to install a new system that reduces energy consumption at the company's North American headquarters, but in the long run, the reduction in energy costs saves the company money – which of course, can then be reinvested.

In this example, procurement and sourcing are uniquely positioned to make this happen. Most likely Sourcing negotiated the original FM contract, understands the innovative capabilities of suppliers, has heard many recent pitches on new products, and is adept at performing the analysis that proves an investment can have a significant return in hard costs, and even soft costs.

Mary Zampino, Senior Director of Global Sourcing Intelligence

The Business Case for Ethical Sourcing Practices

Ethical sourcing best practices.

In my time working in the sourcing sphere I have become passionate about ethical sourcing. Mexico, where I have lived for nearly eight years, is where many companies source cheap, nearshore labor and is a resource for bilingual, cost-saving talent. I have witnessed unethical sourcing practices in my time here and I am always looking to educate myself and others on the benefits of ethical sourcing. As companies chase better costs to remain viable, the possibility of building a supply chain with poor ethical practices increases. Ensuring ethical sourcing practices in your supply chain can be labor intensive but the benefits are immense.

According to the  Chartered Institute of Purchasing & Supply (CIPS), ethical sourcing is the process of ensuring the products being sourced are obtained in a responsible and sustainable way, that the workers involved in making them are safe and treated fairly and that environmental and social impacts are taken into consideration during the sourcing process. Ethical sourcing also means the procurement process respects international standards against criminal conduct and human rights abuses and responds to these issues immediately if identified. 

The good news is that  84 percent of businesses report having a supplier code of conduct  in place to ensure ethical sourcing practices.

Hailey Corr, Junior Editor and Marketing Associate, Outsource and SIG