Security as a Functional Area of Logistics in the Supply Chain

Security as a Functional Area of Logistics in the Supply Chain By Lawrence A. Howard, PhD Professor of Global Business and Transportation State University of New York (SUNY) Maritime College A Keynote Presentation given at the 17th International Logistics and Supply Conference, Istanbul, Turkey, October 17, 2019. See http://lmscm2019.beykoz.edu.tr/keynote-speakers/ © Copyright 2019 by Lawrence A. Howard, PhD I. Introduction I originally articulated my understanding of the supply chain in an article that I co-wrote with Ezgi Uzel and Jameela Androulidakis. “ Lawrence A Howard, Ezgi Uzel, and Jameela Androulidakis. "The Integration of Supply, Demand, and Value: A Coherent Theory of the Supply Chain." European Research Studies Journal - European Research Studies Journal. Last modified January 2013. https://www.ersj.eu/repec/ers/pijmtei/13_1_p2.pdf. Here, my purpose is to further delineate the logistics channel and one its functional areas, security, that helps logistics processes aggregate time and place utility across the supply chain, from the sourcing of raw materials to the final delivery of products or services. To accomplish my purpose, I start by briefly summarizing our concept of how the supply chain is composed and how a focus on primary economic values helps us understand the purposes of processes and relationships occurring within the supply chain. Briefly put, the supply chain incorporates a wide scope of identifiable sets of interdependent business processes and activities from the sourcing of raw materials to the ultimate destination of the product. The key phrase in this working definition of the supply chain is “identifiable sets.” “Channels” are identifiable sets of interdependent business processes and activities, the functional areas of which help to impart a primary economic value or utility to the product or service as it moves through the supply chain. For example, if we examine logistics processes and activities, the key economic value that they contribute moving things along to where they should be when they should, i.e. time and place utility. There are other sets of processes and activities, identified by primary economic values other than time and place utility, which characterize other channels, e.g. form identifies the manufacturing channel. Each channel has “functional areas,” which aggregate the primary economic value of the channel across the supply chain at discretely located “transformation points,” such as factories, terminals, distribution centers, etc. Security processes and activities primarily aggregate time and place utility throughout the supply chain, therefore security is a functional area of logistics. Other functional areas of logistics include inventory management, packaging, warehousing, and demand forecasting, including near real time identification of demand practiced in vendor-managed inventory (VMI). II. The Significance of Primary Economic Value in Understanding the Supply Chain Focusing on the primary economic values that identify channel processes and activities explains the purposes and rationales of interconnected supply chain processes and relationships. The supply chain is not a static set of links as the term might imply, rather it is a dynamic network of process flow, dedicated to meeting demand requirements by adding value as efficiently and as effectively as humanly possible, given the multiple contexts through which its processes flow. The supply chain is thus, first and foremost, a system, and the logic of analyzing the supply chain as a system derives from the transformation process, the heart of the integration of supply, demand, and value in the supply chain, wherein each channel via various functional processes contributes economic value to the product or service. These functional interactions cannot be understood exclusive of each other and within each transformation point, several functional areas of several channels may be interacting. Figure 1 (below) depicts this interaction in an example involving turnover of an asset from one company to another. In the depicted example, several channels interact through their functional areas. For sake of the example, we can suppose the “inbound” asset is a load of caviar shipped from Siberia and put under customs bond in a warehouse until landed in the host country. A new EDI system between the customs broker used by the consignee facilitates the bonding and release process. Trained personnel receive and store the caviar shipment, operate the EDI link, and finally enable the picking and release of the shipment. The consignee supplies caviar to several upscale clients by means of a VMI system, which enables the consignee to choose the appropriate time for making the outbound shipment. There are alternative ways of studying the supply chain. One, as is promoted by the Supply Chain Council Operations Reference Model (SCOR) Paul R.Murphy, and A. Michael Knemeyer. Contemporary Logistics, 12th ed. New York: Pearson, 2018, pp.80-81., is to focus on processes. The problem with this approach is after having identified planning, sourcing, making, delivering, returning, and enabling processes, one is still unaware of a logical rationale for the interaction of these processes, whereas focusing on the contribution of economic value does provide such a rationale. Another way is to focus on relationships, as promoted by the Global Supply Chain Forum (GSCF). Murphy & Kneymeyer, pp. 81-83 Similar to SCOR. GSCF says little about the rationale for those relationships that gives a coherent explanation of the supply chain as a system. Only the identification of sets of business processes and activities by the primary economic value that each adds to products and services moving through the supply chain provides a logical, coherent, and systemic explanation of the supply chain that integrates supply, demand, and value. Figure 3 shows a breakdown of the main channels within the supply chain, the primary economic values that identify each, and the functional areas of the channels. III. What is “Security?” The basic concept that all visions of security try to embody is one of well-being, freedom from a level of risk and the anxiety associated with it that connotes danger. There are different levels of danger; but, unacceptable means the trauma associated with that level is so unreasonable that no matter the probability of it happening, we need to secure against it. One American professor, Marie-Helen Maras, has identified two states of security. Maras, Marie-Helen. Transnational Security. Boca Raton: CRC Press, 2014, p.56. Objective security is the degree to which assets and persons are actually secure from the danger in question. Subjective Security is the degree to which individuals, groups, or populations are free from fear or anxiety about the danger in question, in other words, whether people feel that they are safe. Therefore, how a person evaluates what constitutes unacceptable danger is dependent upon that person’s perceptions. Those perceptions derive from the different layers of culture that enmesh the person. Each person strikes a balance in his/her own mind among competing priorities and probabilities of disaster, e.g., do I invest all of my savings in a business venture and try my hand at being an entrepreneur or do I remain a slave to wages paid by someone else? More people make the decision to become entrepreneurs when times are tough because necessity increases the acceptability of the risks involved compared to the status quo. In good times, a would-be entrepreneur might not take out a second mortgage on his/her home and invest the money in a business start-up. In another example, in the United States on September 11, 2001 the status quo shortly changed to bring national security issues to the fore of the minds of most Americans. Today fewer Americans think about national security as a major issue and there is more complacency about the possibility of attack by terrorists, resulting in less public money being appropriated to secure infrastructure. Other issues compete for public concern and appropriations. America is no exception; each country has its priorities. So too, businesses, individually and as partners in supply chains have their priorities and different issues compete for attention. Extended supply chains run through many different legal, political, cultural, economic and geographical contexts and each create different sets of competing concerns. For example, continued levying of tariffs on Chinese imports into the United States may begin to persuade some companies to move their manufacturing out of China, but there is still the issue of cost tradeoffs and whether to move back to the United States or choose another country, such as Mexico. Each possible site will have its issues. IV. The Functionality of Security within the Supply Chain Security is a functional area of logistics and helps the channel aggregate the primary economic value of time and place utility. It also is the means by which logistics interacts with several major channels in the supply chain to control risk; e.g. in human resources confidentiality of employee records; in communications encrypted email and hacker-free databases; in finance sanctity of credit cards and identity; and in marketing protection of intellectual property. Security can only be successfully developed and implemented in context of the cultural, economic, and political environments of the supply chain, logistics processes for which it serves as a managerial control mechanism. The key elements of any such control mechanism are threefold: 1) gather data and monitor/observe; 2) evaluate gathered data and aggregated observations; 3) adjust operations as may be necessary based on the evaluated data and observations. For example, people boarding a modern cruise ship literally enter a floating vacation city, a context in which security issues are not as conscious a priority for most of the residents of that city as is having fun. Yet, failing implementation of effective security measures, the fun can halt, degrading optimum time and place utility for the cruise. One particularly important area of concern on a cruise ship is bio-security, including the identification and managing of infectious disease agents. I recently co-authored an article with three colleagues in which we demonstrated that the intractable nature of infectious disease agents, the possible situational complications, and the diversity of vessels and ports combined to present significant vulnerabilities for waterborne transportation, particularly cruise ships. The security measures adopted must be systematic, using a variety of interconnected tactics, including: Education of passengers and crew Timely-administered questionnaires about medical and travel background (no answer, no board the ship) Comprehensive sanitation check-off lists and inspections Presence of medical personnel and facilities able to provide first-response care to the people onboard Disaster/continuity planning and exercises Rapid First-Stage Tests Carlos Jerome, Lawrence A. Howard, Ezgi Uzel, and Jameela H. Androulidakis. "Rapid First-Stage Tests of On-Ship Inspection." WMU Journal of Maritime Affairs 16, no. 1 (January 2017), 89-98. DOI 10.1007/s13437-016-0102-z. Good bio-security for waterborne transportation involves proactive detection and prevention on both the ship and shore. The implementation of an effective, systematic approach rests solely on the perceived competing priorities and probabilities of disaster as understood by ships’ owners, ships’ officers, and the populations, actual and potential, of the “floating cities.” It is the state of human affairs in every endeavor that there are always multiple issues competing for attention for a variety of reasons. How to make sense out of that competition and establish a rational set of priorities? There are two general approaches. One is to concentrate on probability of an event happening. The higher the probability, the more attention (and therefore resources) it deserves. Nate Silver. "Crunching the Risk Numbers." Wall Street Journal. Last modified January 9, 2010. https://www.wsj.com/articles/SB10001424052748703481004574646963713065116. Last accessed on 10 October 2019 One version of this approach would have it that on September 11, 2001, the attack on America was an anomaly, not likely to happen again in the near future, and therefore not a lot of resources should be spent on security against such terrorist attacks. This approach articulates a focus on short-term costs. The second approach assumes Murphy’s Law, which states that no matter how improbable, if something can happen, at some point in time it will happen. The question that therefore arises is, “in the event that the worst happens, what do we stand to lose?” Based on the resulting answer, an organization then takes steps to prevent/mitigate the potential breach of security. For example, if this approach was taken after the first attack on the World Trade Center in New York City in 1993, might the disaster of September 11, 2001 have been averted? This second approach articulates a focus on long-term costs and consequences; it is currently championed in the business world by continuity planning that poses the question, “in the event that something happens to disrupt our ability to meet the expectations of our customers, what can we do to mitigate the disruption and meet or exceed customer expectations?” Luke Ritter, J Michael Barrett and Rosalyn Wilson (2007). Securing Global Transportation Networks. New York: McGraw Hill. Especially Pertinent is Chapter 9, “TSM and Business Continuity Planning,” on pp. 209-228. Generally, the debate and tension between these two approaches ends up creating a semblance of balance between good security and its short-term cost, often emphasizing subjective security over objective security. Traditionally, concerns about short-term cost usually win out. In 2014, I addressed an audience of engineers at the Critical Infrastructure Symposium, and related to them an iconic story about short-term cost winning out. The story is true and is about the levees around New Orleans. For decades, engineers had warned that the levees could not withstand a level 5 hurricane. Politicians always demurred to do something about the problem because the historical records showed that no such hurricane had struck New Orleans in living memory. Everybody went about their business, trusting to the security of the levees, but little did most know that they were trusting to an illusion of security. Along came Hurricane Katrina. Lawrence A. Howard “The Human Factor in Securing Critical Infrastructure.” Presented on April 8, 2014 at the Critical Infrastructure Symposium, the Cheyenne Mountain Conference Center in Colorado Springs, Colorado. Available at (Note, you must log in to Academia.edu): https://www.academia.edu/9308047/The_Human_Factor_in_Securing_Critical_Infrastructure V. Conclusion Security processes and activities within the logistics channel of the supply chain may be generated from theoretical concepts; but the implementation of theory always takes place in a real world context. It is in reality that the consequences of choosing short-term focus vs “What do we stand to lose?” play out, and it is in reality where people discover whether they are objectively protected from harm or subjectively operating under illusions of security. Consistently optimum time and place utility is unlikely to be an outcome of any supply chain in which supply chain managers give greater weight to subjective rather than objective security. 10