Blockchain is Vastly Overrated; Supply Chain Cyber Security is Vastly Underrated

In 2012, an American chemical company reported that Chinese hackers had entered the company’s network using a phishing e-mail and gained control of servers in Germany and Canada. For nearly three months, the hackers extracted critical pieces of company information, including customer order history, price quotations and terms, the company’s cost structures, details about innovations about to be introduced into the market and even access to the firm’s manufacturing planning and control system.

Once the hackers had extracted what they needed, they made their move. First, they altered the master production schedule (MPS), randomly changing order due dates, order quantities and order quality levels, wreaking havoc on critical customers who were relying on deliveries. As if by divine intervention, a new Chinese chemical firm approached these customers with “low-ball” offers for the affected products. The result was predictable: The customers switched vendors so that they could maintain their production schedules. Almost simultaneously, the new Chinese firm obtained
patents on new products identical to those the American firm was developing. The company was left reeling.

We begin with that example for a number of reasons. First, it introduces the notion of supply chain cyber security—the need to protect the firm’s supply chain and its assets (information, intellectual property and processes) from the negative effects of hacking. As the story shows, cyber security is not simply a corporate concept; it is now a supply chain concept.

SC
MR