subscribe: Posts | Comments | Email

Shutting Down Factories- A Concerning Report on Malware Attacks


Of late, it seems to this Editor that the topic of the threats and implications of cyberattacks has been far more prevalent in 2017, for very good reasons.

There are many facets of supply chain risk and major disruption, and combating cyberattacks is clearly becoming top-of-mind.

A new reminder to such threats comes from a recent, albeit disturbing, ABC News-Associated Press report indicating that incidents of malware attacks have been specifically targeting industry supply chains that predominately are managed by just-in-time (JIT) inventory and production processesPlanning 3 shutterstock 394279114 300x184 Shutting Down Factories  A Concerning Report on Malware Attacks

The report profiles a North Carolina automotive transmission supplier that was impacted by a malware attack a year ago, literally shutting-down the production line until the company paid a ransom to the hackers. It seems that today’s hackers fully understand the JIT principles where supply chains manage inventory and production to hourly or daily replenishment needs, and little more. Thus, any significant disruption has a disruption further up and down the supply chain, one that can translate to a rather expensive exposure. In the specific case of the North Carolina automotive supplier, it was upwards of $270,000 in lost revenue and wages for every hour the factory was not shipping parts to nine Toyota Motor car and truck assembly plants.

As Supply Chain Matters has noted in prior commentaries related to either specific cyberattacks or Internet-of-Things enabled manufacturing processes, many of today’s factory systems and networks are aging and do not necessarily have all the latest information security safeguards installed.  Some data and application interfaces have not been updated in months or years, some have technology no longer supported by the original provider. That places a difficult burden on internal IT support teams to ensure that continuous production uptime is maintained, not to mention marshaling an effective response when a malware attack was to occur. That is especially an ongoing concern for specialty or mid-sized manufacturers who do not necessarily have access to a large in-house IT support team.

The AP report cites a Cisco Systems survey of nearly 3000 cybersecurity executives conducted last year indicating that one out of four (25 percent) of manufacturing organizations reported cyberattacks that cost them money in the prior 12 months. No doubt, that number is a lot higher since many companies tend to treat such information as confidential and not for disclosure.  Other data cited indicate that cyberattacks that target industrial control systems have double in the past year, in the U.S. alone.

In a Supply Chain Matters July posting, Actions to Consider in Cyberattack Defense and Mitigation, we reinforced the obvious takeaway that the frequency and scale of cyberattacks are indeed on the increase, with many more to come. This is a multi-billion-dollar problem, and now we know that hackers are sophisticated enough to understand industry supply chain process vulnerabilities, weak points that provide lots of leverage in securing ransom demands.

In our July commentary, we outlined four mitigation actions that supply chain teams should be actively working on. Given this latest reminder of targeted vulnerabilities, we are compelled to reiterate:

  • Scope and continually understand your company’s supply chain risks.
  • Factor the age of legacy systems, particularly those related to older factory control systems.
  • Determine in-advance, the specific roles and responsibilities in Business Continuity Management.
  • Insure active training, questioning and inquisitiveness with internal and external teams regarding information as to unusual or suspicious activities, security awareness and action plans if and when a cyberattack occurs.


Hackers are indeed becoming more sophisticated in many dimensions including an understanding of supply chain vulnerabilities.

Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.

The Tech Twist to the Amazon-Whole Foods Acquisition


Over the coming days Supply Chain Matters will feature both our own and invited guest commentaries regarding last week’s blockbuster announcement that Amazon intends to acquire the Whole Foods grocery chain for $13.7 billion.

In this posting, we update our readers on rather interesting added developments, to state the obvious. Whole Foods Austin The Tech Twist to the Amazon Whole Foods Acquisition

A report published by The Wall Street Journal, Get Off Amazon’s Cloud, (Paid subscription required) once again reinforces the extent of the cutthroat competition that Wal-Mart and other retailers now have with Amazon. The report indicates that Wal-Mart is instructing software and other technology suppliers to the global chain to refrain from utilizing Amazon Web Services (AWS) as the backbone Cloud platform. The report notes:

Wal-Mart , loath to give any business to Amazon, said it keeps most of its data on its own servers and uses services from emerging AWS competitors, such as Microsoft Corp’s Azure.”

That is certainly an unexpected boost for Microsoft as well as AWS competitors such as Oracle, Blue Cloud, IBM and others. Other technology providers catering to retailer software technology needs further confirmed specific retailer requests to prefer Cloud platforms other than Amazon’s.  We have similarly heard of such concerns shared by certain vendors in their retail customer interactions.

The concern is access to sensitive customer or other fulfillment or supply chain related data. That makes sense. However, AWS, along with other Cloud platform vendors must adhere to certain regional and global data security standards associated with certification standards. But that is not going to appease retailers who after last week’s announcement, are not going to trust anything related to Amazon supported services.

The obvious benefactors are software and Cloud applications providers catering to retail industry needs who elected to outsource Cloud infrastructure to providers other than AWS. That would include B2B Business Network and EDI messaging support providers as well as transportation and logistics Cloud-based providers. After today’s WSJ report, product marketing teams of Cloud infrastructure platform provider will likely re-double their efforts for targeting retail industry, including all its supporting elements.

Another Whole Foods Suitor?

While on the subject of Wal-Mart, JP Morgan indicated in an investment advisory that this retailer is likely the only other retail chain that can make a counter-bid to acquire Whole Foods, but there are likely other overriding factors such as clashing corporate cultures, Whole Foods customer whiplash and a potential bidding war with Amazon that would likely make such a move unlikely.

A posting published by Business Insider provides added details of the JP Morgan analysis. The sum total of the JP Morgan argument is why play defense when it’s better to stick to offense:

Given Walmart’s 20%+ share in grocery, why should the company spend $14B+ on what it’s already good at (selling food via brick-and-mortar) when the money instead could be used to expand and improve and is Walmart’s urban/millennial alternative to Amazon Prime, and is in many ways the ‘forgotten man’s’ alternative to Prime.”

From our lens, that is a powerful argument and a likely indication that there will not be a counter bid.

Many of the post-announcement opinion commentaries speculate what Amazon will do to leverage a well-respected grocery retail chain.  From our lens, we advise readers to consider all the supply chain, customer fulfillment and customer intelligence capabilities of Amazon applied to a leveraged online and physical retail grocery presence. Picture a Whole Foods store augmented with an added, automated customer fulfillment storeroom complete with Kiva robots sorting and staging online orders for parking lot pick-up. Think of the possibilities of the virtual Amazon fulfillment button affixed in our kitchens that electronically transmits the grocery shopping list to an online order available for one-hour pickup.

The possibilities are endless and the threat is real.

Stay tuned for continuing commentary.

Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.

Marked Increase in Supply Chain Technology M&A Activity

Comments Off on Marked Increase in Supply Chain Technology M&A Activity

Within the past few days, there has been a marked uptick in merger and acquisition activity involving business process and decision-making support surrounding the broad umbrella of what is today supply chain management. Three different announcements, each involving OpenText, Descartes Systems and JAGGAER demonstrate various strategies being played out for augmenting technology, business services and vertical industry depth.

As 2017 began, one of our ten annual predictions called for a renaissance in supply chain focused business services and technology investments supporting augmented and ever-changing business process and decision-making needs. We anticipated that investment areas would include digital supply chain transformation, data visualization and more predictive analytics and broader end-to-end supply chain visibility.  Boardroom 300x200 Marked Increase in Supply Chain Technology M&A Activity

We anticipated that with a continued robust investment cycle, merger and acquisition activity would accelerate among technology and services providers, particularly in the notions of blending technology, software, and managed services.

OpenText to Acquire Covisint Corporation

Enterprise Information Management and Supply Chain Business Network provider OpenText announced this week that the provider has entered into a definitive agreement to acquire Covisint Corporation, an automotive industry focused Cloud platform providing digital connectivity of business processes and Internet of Things (IoT) enabled processes. The reported transaction purchase price is approximately $103 million of market value or $75 million on enterprise value.

According to the announcement, the acquisition is expected to deepen Open Text’s EIM offerings with the addition of a cloud-based IoT platform, as well as expand the Canadian firm’s presence within Automotive industry supplier relationships and supply chain business process collaboration. The announcement indicates that Covisint will be integrated into the OpenText Business Network, a portfolio of cloud technology and software applications that facilitates B2B network messaging and compliant information flows.

Our automotive readers may well have knowledge of Covisint’s legacy dating back to the late nineteen-nineties as one of the first industry-specific B2B marketplaces. Of late, this provider has been messaging capabilities for building a portfolio of capabilities to support digital transformation that includes B2B messaging and process orchestration, identity, and verification, and IoT enablement.

The OpenText Business Network has provided a special emphasis on Automotive industry B2B business network needs and in May of this year, closed on the $100 million acquisition ANXeBusiness Corp. (ANX), a provider of cloud-based information exchange services to US Automotive and Healthcare industries. That acquisition was focused on simplifying relationships among the global automotive trading community, and now with the addition of Covisint, should strengthen such capabilities. This latest acquisition is expected to close in the third quarter, subject to customary closing conditions.


Descartes Systems Acquires PCSTrac Business

Descartes Systems Group and its associated Global Logistics Network (GLN), announced this week that it has acquired substantially all the assets of the business of PCSTrac, Inc. including certain related assets of Progressive Computer Services Inc. dba PCS Technologies (collectively referred to as “PCSTrac”). The reported acquisition price is $11.25 million.

US-based PCSTrac helps specialty retailers and their logistics service providers collaborate to improve carton-level visibility for shipments from distribution centers (DCs) to stores. PCSTrac’s technology provides visibility and insight into the store replenishment supply chain, helping increase sales, enhance loss prevention, and improve inventory control. Like Descartes’ Bearware platform, PCSTrac also supports pool distribution, which helps retailers reduce logistics costs and minimize store disruptions by eliminating unconsolidated direct shipments from suppliers and retailer distribution centers.

According to the announcement, pool distribution has become an increasingly important strategy in leveraging a growing community of retailers and pool carriers to lower distribution costs, increase delivery frequency, and improve overall replenishment performance. Effective pool distribution requires a common technology system for participants that helps standardize the process and provides carton level visibility across the entire store replenishment lifecycle.

Similarlyarly, Descartes had previously acquired BearWare to augment capabilities to manage the increasingly complex omni-channel retail supply chain environment. Both acquisitions plan to augment the Descartes Global Logistics Network with carton-level tracking and pool distribution support.



U.S. based procurement Source to Pay (S2P) provider JAGGAER, (formerly known as SciQuest), has merged with European-based POOL4TOOL, a specialized direct procurement technology provider. According to this specific announcement, this merger is designed to provide a global footprint of support for both indirect and direct procurement spend processes, and allow the combined entity to execute on a vision of a complete Cloud-based digital procurement platform.

JAGGAER had previously announced its intention to provide deeper vertical industry support. With this newly announced merger, JAGGAER’s footprint in Europe, Asia and the Middle East can expand as well as deliver a global presence for its data centers and customer support. It also adds direct material capability in the North American market. The merger further enables JAGGAER to extend its leading position in higher education procurement process support to expand within Europe.

POOL4TOOL, an admittedly different name for a direct procurement tech provider, brings over 300 customers to the merged entity. The direct procurement provider has further built bidirectional data and information integration capabilities with SAP. Both providers have footprints in automotive, manufacturing, chemical, pharmaceutical and sciences, along with retail industry processing a reported $65 billion in annual indirect or direct procurement spending.

As is often the case, mergers of this type are highly dependent on the timing and integration of two different technology platforms.

Thus, within a period of week, evidence, and demonstrations of individual technology vendor’s strategic positioning points to increased strategic activity. In addition, private equity and other investment firms continue to invest hundreds of millions of dollars in start-ups focused on hot emerging areas including digitalization of end-to-end supply chain capabilities.

However, at mid-year, still missing is the consummation of our prediction of a blockbuster M&A announcement.

Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.

Summary Highlights of the 2017 ISM Conference

Comments Off on Summary Highlights of the 2017 ISM Conference

This author had the opportunity to attend the annual conference of the Institute for Supply Management (ISM) annual conference held in Orlando Florida this week. This conference brings together supply management professionals spanning areas of direct and indirect supply sourcing and procurement. In this blog posting, we touch upon highlights and some important takeaways and learning expressed by those attending.  ISM2017 logo 002 Summary Highlights of the 2017 ISM Conference

This year’s conference drew a rather large number of attendees, much more than last year’s event.  We estimate attendees were more than 2500, and sensing from some hallway discussions, many came to seek added knowledge and understanding to rapidly changing industry and business environments.

The ISM organization deserves praise for recruiting two keynote speakers that spoke first-hand to the current wave of geo-political and economic events that could well impact industry supply chains in the months to come.

General Colin Powell, former U.S. Secretary of State and Chairmen of the Joint Chiefs delighted the conference audience with his comments on topics related to global events, politics, and industry supply chains. Regarding the latter, General Powell noted that Operation Desert Storm was won by superior logistics, and he shared some rather humorous stories relative to the challenges of moving vast amounts of material, supplies and personnel. He described today’s global landscape as a pressure cooker in the notions of the rise of populism, accelerated by the information revolution. General Powell voiced his view that the U.S. rejection of the Trans Pacific Partnership was an “unfortunate decision”, one that can likely benefit China as a larger influencer in global trade.

Former UK Prime Minister David Cameron’s address came on the morning of the tragic terrorist attack at a concert in Manchester England. Mr. Cameron spoke of the long struggle to defeat terrorism across the globe and on the renewed resolve of his country to march on. On the topic of supply chain management. Mr. Cameron observed: “What you do is extremely important to the global economy.” The Prime Minister later noted that he is a huge supporter of global trade, yet acknowledged that the rising tide has not lifted all boats. He noted that societies must reject tendencies toward protectionism because they failed miserably in the nineteen-thirties. He also addressed the rising tide of populism in observing that the pace of change has perhaps been too-fast, the scale of immigration too great, causing many to be fed-up with mainstream political parties. Addressing specific supply chain topics, he observed that ethical and sustainable supply chains are good for the brand and for society.  During a Q&A sit-down with ISM CEO Tom Derry, Mr. Cameron spoke of the implications of Brexit and what supply management teams can expect in scenarios of a hard or soft Brexit. Finally, responding to the question of what countries will likely be economic stars in the next five years, Mr. Cameron specifically mentioned India and Vietnam as emerging global commerce leaders.

A combined news conference featuring ISM CEO Tom Derry, Hans Melotte, Executive Vice President, Global Supply Chain for Starbucks Corporation, and Kristopher Pinow, Vice President and Chief Procurement Officer for B/E Aerospace, addressed some common themes impacting the supply management area. One was clearly the area of technology, described as quickly changing the current and future practices in supply management, which have typically been more transactional in-nature. Mr. Melotte observed that many in the profession are underestimating the impact of new technologies on processes, which he feels are coming sooner rather than later. CEO Derry observed that procurement managers are becoming much more aware of the importance of the Sales and Operations Planning (S&OP) processes, and the expansion of scope that it implies. This author had a later discussion with Jim Barnes, ISM Professional Services Director who shared feedback from various ISM regional chapters has reinforced the need for added education and involvement in S&OP, and why that involvement pulls procurement into the scope of the end-to-end supply chain.

Another top-of-mind topic remains talent management with an acknowledgement that absolutely, supply management does not have the talent to be able to leverage the tide of new technologies impacting the profession. Melotte noted- “We need to learn how to ask different questions as well as to sharpen our intellectual curiosity as to technology trends impacting our businesses.” Mr. Pinow noted- “We have to recognize that we do not know everything” and he quoted Shelly Stewart, Vice President, and CPO at Dupont in his observation that procurement leaders need to be more actively curious, including what is occurring external to procurement.

While attending other conference sessions, we further noted some rather consistent themes, especially from several panel discussions addressing timely topics. Addressing the challenge of CPO’s in making B2B networks work better together, Beverly Gaskin, Executive Director, Global Purchasing at General Motors observed that procurement has to improve practices in the science of marketing, namely how well procurement leaders sell and influence value to the business and to suppliers. Thomas Linton, CPO and Supply Chain Officer at Flextronics noted that procurement needs to understand the different management cultures of both internal and external partners and can build successful alliances based on different cultures. Many panelists addressed the need for leveraging knowledge and talent in today’s business environments, and that knowledge extends across the product value-chain to include close collaboration with supplier teams.

There were other common themes and takeaways and we will be sharing some of them in subsequent Supply Chain Matters commentaries.

A final note- after attending two subsequent ISM conferences, this author has noted a rising tide of desire and zeal among supply management professionals to become more recognized providers of business value, beyond procurement cost savings. It behooves other teams that make-up today’s broad supply chain management umbrella that spans product design to after-market services to include supply management in collaboration and to recognize suppliers for the partnership value that they can provide. That obviously includes S&OP teams.

Yes, the reality of increased supply chain cost saving needs is not going away and must be accommodated. However, it remains important that supply chain wide teams jointly recognize what capabilities in process, technology and people skills need to be preserved or augmented by trading-off cost savings for key investment needs.


Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.

Jabil Raises the Bar in Providing Supply Chain Cloud Platform and Decision Support Needs

Comments Off on Jabil Raises the Bar in Providing Supply Chain Cloud Platform and Decision Support Needs

This week, product solutions provider Jabil Circuit made a significant announcement, one that places this company as a supply chain Cloud based technology provider in addition to its other product value-chain design and manufacturing contract services (CMS).

As an independent supply chain advisory service, we have long ago predicted that large volume contract manufacturers would have to broaden their services models to grow market-share and profitability. Jabil is about to demonstrate the notions of providing an end-to-end supply chain focused decision support platform to support product value-chain management needs.

Jabil’s InControl SaaS is described as a multi-tenant, intelligent supply chain cloud platform that provides network wide connectivity, advanced analytics, and built-in machine learning capabilities to optimize near real-time decision-making.

Earlier this month, this analyst had the opportunity to speak with Jabil’s executive team to review highlights of InControl SaaS, and candidly, the full functionality would rival that provided some existing supply chain best-of-breed software providers in today’s tech marketplace. The other important difference is the coupling of specialized managed services in addition to what appears to be a sophisticated B2B network platform.

In its entirety, support encompasses five supply chain focused applications, a decision support platform, coupled with bundled procurement and supply chain focused managed services. The latter managed services include areas that span strategy, procurement sourcing, procurement business process outsourcing, supply network optimization and social responsibility. From our view, the target customers are those that are seeking their supply chain sourcing, operational and decision-making needs focused in a singular integrated platform, especially up and coming product companies that cannot afford the up-front or ongoing expense of investing in complete product value-chain needs.

Jabil’s market messaging emphasizes that the technology has been- built for practitioners, by practitioners, in-essence providing an emphasis on the company’s built-up process and technology development experiences in supporting various aspects of manufacturing and supply chain management needs of its over 250 existing customers, including some of the most complex yet highly recognized supply chains.

While the product was announced this week, the timetable for full functionality currently extends through the first-half of 2018. General availability of the InControl SaaS platform and applications begins in the third quarter, with various other elements planned for latter stages. Pricing is noted as a per-month/per application model with on-boarding, integration and implementation priced separately. Jabil’s go-to-market strategy includes its in-house supply chain, procurement, and professional services team, along with an external partnership with professional services firm PwC.

Included in our 2017 Predictions for Industry and Global Supply Chains was our belief that B2B network platform and managed services providers would provide enhanced supply chain focused analytics and intelligence capabilities, and Jabil’s InControl platform strategy and an existing example of that trend. The interesting twist for the market is the ability to select from either existing supply chain and manufacturing contract services providers, B2B network platform providers, or best-of-breed or ERP software providers. The ultimate decision for which partner will thus be highly dependent on individual business need, existing system landscape and future needs.

Our takeaway is that industry supply chain teams gain the benefits of added choices and of specific expertise, including that of actual on the ground practitioners.

Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.

« Previous Entries