How to hack your supply chain: Breaking today, building tomorrow

How to

hack your

supply chain

Breaking today, building tomorrow

Dr. Elouise Epstein

Foreword by Rachel Kutz

227 W. Monroe St. Chicago, IL 60606

Copyright 2023 by A.T. Kearney, Inc.

All rights reserved.

No part of this book may be reproduced or used in any manner without the written permission of the copyright owner except for the use of quotations in a book review.

ISBN: 978-1-7369981-3-7

Design by Briana Flosi and Kevin Peschke

Printed in the United States of America

Edition: First printing edition

For more information, please visit Kearney.com.

This book is dedicated to my wife Denise, our hounds, my Kearney colleagues, and the supply chain profession—thank you for putting up with me.

Table of contents

Figures

Foreword

Acknowledgments

Chapter I

The vaccine story

Chapter II

The intelligence–tools–people paradigm

Chapter III

Intelligence: data underpins everything

Chapter IV

Tools: we are in a post-ERP world; we just haven’t accepted it yet

Chapter V

People: preparing practitioners for the digital zeitgeist

Chapter VI

Hacking AI and building algorithmic literacy

Chapter VII

Hacking resilience: how quickly can your supply chain recover?

Chapter VIII

Risk management: the bridge between security and resilience

Chapter IX

Protecting future supply chains from the boom

Chapter X

Building digitally savvy supply chain leadership

Chapter XI

Hacking ESG

Chapter XII

Is the brave new world real?

Chapter XIII

Stepping off the edge to the future

Chapter XIV

Afterword

Bonus chapter

Improving security and resilience through supplier experience management

Index

Figures

Figure 1: Vaccine card

Figure 2: The traditional supply chain towers

Figure 3: Simplified vaccine supply chain

Figure 4: The Washington Hilton Layout

Figure 5: The moment before the shooting

Figure 6: Elouise’s tracking spreadsheet

Figure 7: The data value chain

Figure 8: Today’s broken supply chain systems

Figure 9: A new supply chain architecture

Figure 10: A new supply chain architecture with third parties

Figure 11: Multi-enterprise connectivity

Figure 12: I am not a cat

Figure 13: The different types of AI

Figure 14: The boom framework

Figure 15: Typical risk threat vectors

Figure 16: Elements of a supply chain control tower

Figure 17: The ESG morass

Figure 18: Palm oil production by country

Figure 19: Vodafone Procurement Company touchscreen

Figure 20: Vodafone Procurement Company mugs

Foreword

Like Dr. Epstein, I think about supply chains all the time. They are increasingly complex and scary, whether you're managing supply chains, working alongside them, or relying on one as a customer.

In fact, I rely on experiences as the latter—a customer—to inform how I approach supply chain in my work. I try to think like the customer, whether that’s internal clients or external buyers of our products. Questions such as How do customers use our products and services? and How are they most likely to shop? fill my head. In many cases, I’m a customer too. So, what are my pain points? What makes me happy? How do I get my stuff?

I didn’t start my career in supply chain, but my desire to get even closer to customers led me there from previous roles in technical operations. In 2009, I joined supply chain at a Fortune 50 company, leading teams responsible for product sourcing, planning, and quality. I also helmed teams responsible for product logistics, distribution, fulfillment, and reverse. And finally, after working in nearly every part of the supply chain (minus make), I moved into a role heading up supply chain strategy initiatives, which included digital procurement transformation, risk management enhancement, and ESG implementation.

Of course, COVID upended everything. Like every other supply chain leader, I went foraging for personal protective equipment, and fought daily to keep sellable products on the shelves as the global market constricted. These days, I’m implementing omnichannel transformation and—ironically—cleaning out inventory levels that are too high due to all the great work we did to keep products in stock.

While reading Dr. Epstein’s first book, Trade Wars, Pandemics, and Chaos, I thought to myself: here’s someone who thinks differently. This is someone who doesn’t use the same jargon as all the other consultants who are trying to sell the next best thing (blockchain, anyone?). I was especially intrigued by her thoughts on digital transformation and the spider map. My only disappointment was that she published her book after I implemented my company’s digital transformation. Still, her words and ideas gave voice to what I experienced and the challenges I encountered. I was introduced to Dr. Epstein shortly afterward, and I felt like a little kid meeting a celebrity.

In this book, Dr. Epstein examines the supply chain again, digging into the new challenges facing all businesses. We were both struck by the paradox of our supply chain reality during the pandemic, staring down at our vaccination record cards after getting immunized and thinking, Is this tiny bit of paper the thing I now must protect most dearly? Is this really the best process we can develop in the digital age?

The ideas presented in this book are thoughtful, intriguing, and frightening—Dr. Epstein touches on the things that keep us, as supply chain leaders, up at night. Her book, however, thrusts these issues into the light and explains why they should command our attention. We must face supply chain challenges head-on, even if they seem too complex or overwhelming to address. Supplier management and the risks suppliers pose to our businesses are real. ESG, even in the current political climate, creates the need for businesses to understand exactly how products are sourced, manufactured, and delivered. And as always, good data governance and maintenance remain key.

Dr. Epstein’s writing is approachable, and her examples and analogies make for an enjoyable, thought-provoking, and accessible read. Even more importantly, this book brings the current supply chain challenges to the surface and gives foundational understanding so that we can begin to create solutions. For example, I’ve already shifted my mindset to a left-of-boom approach, which will ensure my organization has the capabilities to navigate whatever complexities the future holds. We may not have all the answers, but this book helps us ask the right questions so that we can find them. I found it extremely helpful, and I’m now recommending this book to not just supply chain professionals but to all leaders looking to make their businesses more secure, sustainable, and resilient.

Rachel Kutz

Supply Chain Operations Leader

Acknowledgments

This book is an amalgamation of thousands of conversations, debates, and presentations over the past couple years. It would not have been possible without the generous contributions of many people.

First, I would like to thank Rachel Kutz for contributing such a splendid and thoughtful foreword to this book. Working with someone as esteemed and experienced as Rachel is deeply gratifying and is why I love my job so much. Words can hardly describe how appreciative I am to be able to work with supply chain leaders like her.

I am equally grateful to JD Ambati, Emal Ehsan, Arshita Raju, Guilherme Silberstein, and Lance Younger for graciously contributing materials, feedback, and ideas for this book.

I am indebted to Ninian Wilson, Reinhard Plaza Bartsch, and Sabih Rozales along with Dhriti Adhikary, Sanran Gulsen, and the entire Vodafone Procurement Company team for happily welcoming me into their world and introducing me to the beauty of Luxembourg.

I am especially appreciative to Mike Cadieux, Gillis Jonk, Tom Kiely, Mike Schiappa, Fulden Sener, Conrad Smith, and Jason Tham for kindly reading and commenting on the manuscript. This book is better because of their feedback.

My sincere gratitude to my colleagues John Blascovich, Mark Clouse, Ana Conde, Remko de Bruijn, Suketu Ghandi, Jeff Hewitt, Tiffany Hickerson, Tom Kline, Shakil Nathoo, Joel Saldana, Balika Sonthalia, Dr. Michael Strohmer, Yves Thill, Jane Wanklyn, and Ana Maria Yamakami.

Once again, Emily Deng deserves a standing ovation for her tireless dedication and work to organize and support the creation of this book.

I want to highlight the yeoman’s effort put in by my editor Kelly Kearsley to provide a much-needed semblance of structure and readability to this manuscript.

I would like to recognize the contributions of Haley Dunbrack, Briana Flosi, Kerry MacKenzie, Jack May, and the Kearney production team for producing and bringing this book to life.

I am thankful to Charlie Clark, Steve Comstock, Adam Crawley, Nil Difur, Karoline Dygas, Stephen Easton, Robin Evans, Johan Gott, Edenize Maron Gundim, Donna Hagerman, Pam Heminger, Patrick Magloin, Lynne McDonnell, Christian Schuh, Detlef Schultz, Pallaw Sharma, Brian Smith, Bindiya Vakil, and Peter Weis for countless discussions, answering of questions, and/or moments of inspiration.

A special mention to Sarah Elovich, my public-speaking coach, who has helped me shape and refine this material through my presentations.

A shout-out to Nefesh Mountain, whose melodic bluegrass folk music kept me methodically focused on writing.

I am deeply appreciative to entrepreneur and Digital Procurement World founder Matthias Gutzmann for generously agreeing to launch my book at his event and for serving as a role model for entrepreneurship.

Finally, no list of recognition would be complete without giving significant credit to my lovely and immensely talented wife Dr. Denise Dávila whose immeasurable support is the greatest gift. As a literacy professor her influence and inspiration are reflected throughout Chapter V, People: preparing practitioners for the digital zeitgeist. Also, a special mention to our hound brigade who ensure I get out into nature, where many ideas come to light.

Chapter 1

The vaccine story

The past is your lesson. The present is your gift. The future is your motivation.

– Anonymous

Let’s go back to March 23, 2021—the day that launched the idea for this book. I’m sitting on an uncomfortable plastic chair in a Walmart superstore in Henderson, NV, waiting the obligatory 15 minutes after my first COVID-19 vaccine shot. I’ve been staring intently at the small square of paper in my hand—my vaccine record card. I keep reading it over and over, fixated on the sparse bits of information on the page. There’s my name, date of birth, the date, store number, and the Moderna batch number. While I didn’t experience any side effects from the vaccine during that waiting period, I did have an existential crisis about the future.

My short- and long-term health outlook depended on this small piece of paper, which I would need to hold onto for the next four weeks until I could get my second dose. Where do I store the paper so it’s safe and I can also find it? I’m good at hiding important documents to keep them secure. Unfortunately, I’m not as good at retrieving said documents; the locations are so secure that I often forget where I hid them. Now I have to hold onto this paper indefinitely until I get the information to my primary healthcare provider, insurance provider, employer, and potentially various government entities. (See Figure 1: Vaccine card.)

My fixation on this small slip of paper led to questions about the provenance of the vaccine now coursing through my veins. I started to wonder, where did Moderna batch #002B21A come from? Was it stored at the proper temperature throughout the chain of custody? Was it handled properly once received? What ingredients went into it, and where did they originate from? I started wondering how many various entities touched this vaccine dose from the time it came off the production line until the time it was injected into my arm. None of these questions could I answer.

That’s the moment I had two diametrically opposed thoughts. First, I panicked as I realized the American healthcare infrastructure is an absolute disaster. I can have my contact information, all my transportation tickets, and my banking in a digital wallet on my phone. Yet for my health and livelihood, I must carry my proof of vaccination on a piece of physical paper. I know electronic health records (EHRs) have been around for quite a while, yet the two aren’t remotely connected. And supply chain traceability has been around for an equally significant amount of time. Am I supposed to accept that this is how we manage supply chain information? This led to my second realization. At that moment, I realized that the problems plaguing the healthcare system weren’t unique to healthcare. I came to appreciate that we need to collectively reimagine how we design, build, and operate supply chains. This book sets out to determine why we’re operating in a disconnected and archaic fashion that makes our supply chains decidedly insecure—and, most importantly, how we change.

When I started writing this book in the summer of 2021, we’d just had two ships beached in the Suez Canal, ongoing labor shortages, the threat of dock worker strikes, the semiconductor shortage, ships stuck off the coast of LA, and the start of the Great Resignation. Each month brought another disruption of some sort. By the summer of 2022, supply chains were backlogged due to China’s zero COVID policy, a potential American West Coast dock worker strike, inflation, a somewhat debatable recession, continued labor shortages, and logistics capacity constraints. This was on top of Russia’s invasion of Ukraine, which though not a supply chain disruption (see Chapter VII sidebar: Why wars are not supply chain disruptions), has put additional pressure on global markets. And this doesn’t even account for the global climate crisis. By the time this book has gone to print, there will undoubtedly be more disruptions to add to the list. In fact, I argue that we’ll go bouncing along from disruption to disruption for the next 10 years.

Today’s supply chain problems were created by decisions made in the late 1990s through the 2010s. During this time, the world was a fairly stable place, at least for conducting trade in a globalized market. As a result, many of the preferred strategies enacted squeezed cost and maximized profit by extending global supply chains. Naturally, this created brittle and fault-intolerant supply chains that are primed for security breaches. The goal of this book is not to critique whether these were good or bad decisions; historians and future scholars can tackle those questions. The issue now is how we fix the problems systematically and for the long term. How do we take the steps today to build a safer, more sustainable 21st century supply chain?

What are we doing?

At the end of 2019, I was approached by a client who wanted to engage Kearney to help them negotiate with their systems integrator (SI). For their future supply chain, they wanted to consolidate their 10 enterprise resource planning (ERP) systems down to a single big ERP system because they are a big ERP shop. They had selected big SI as their SI partner because they viewed big SI as their corporate SI. Unfortunately, the project was already four months behind schedule and $96 million over budget. And the worst part? The implementation hadn’t started.

While I am not a negotiation expert, I do know that if you are unwilling to switch technologies or SIs, you won’t be able to negotiate $96 million off your price. Of course, once the implementation started, the project was further delayed, and the budget overages piled up. This company has approximately $5 billion in annual revenue and a market cap of $8.5 billion—so not exactly a financial juggernaut. If this is the best that the collective we can do to create a digital supply chain, we should just stop what we’re doing and walk away. But I don’t believe it’s the best we can do. I’m pretty certain that there’s another, better way to hack our supply chains, escape the oppression of old technology and subpar implementation, and move toward a system that’s more secure and better equipped for the future.

Why this book, why now?

I was motivated to write this book for three reasons. First, I wanted to continue the story from my first book, Trade Wars, Pandemics, and Chaos: How Digital Procurement Enables Business Success in a Disordered World. Second, I made an error I wanted to correct in that book. Third, while supply chains have become common topics in public discourse, I continually ask myself, What is a supply chain?

Reason #1: My moment of clarity

Some readers may be familiar with my previous book. As I was writing the last few pages, I had an epiphany. It occurred to me that supply chains have become increasingly externalized. If you look at the end-to-end supply chain, it is predominantly a series of third-party entities from contract manufacturers, co-packers, and third-party logistics providers (3PLs) to the myriad direct and indirect suppliers who provide the necessary materials and services. Once we look at supply chains as a conglomeration of third-party entities, we can start to see what we didn’t see before. For fans of the Matrix movie, this is the moment when Neo recognizes the matrix as a simulated reality that he can manipulate.

If supply chains are simply an amalgamation of third-party entities, then they are at significant risk. The number of third parties touching the packages, pallets of packages, and containers of pallets is staggering. Each third party and the corresponding handoff introduces risk. Even non-product supply chains (such as banking or software), while not tracking physical goods from here to there, still have many third parties they are engaging with. More succinctly, the greatest risk to the supply chain comes through third parties. The more third parties, the more difficulty managing them and subsequently greater risk. Conversely, the greatest ESG and innovation opportunities come through third parties.

At the heart of these third-party risks and opportunities is the need for sophisticated data exchange and digital competency.

This represents a fundamental recalibration of the supply chain management profession. To run a modern supply chain, we need to embody a digital-first culture. A digital-first approach will require us to embrace new technological systems, data management, and sophisticated analytics. It also requires our teams to have vastly different skills and capabilities and gives us the opportunity to reimagine and simplify our processes. Please note that these will not be shock changes. They will occur over time. The key is that we start setting north stars now.

Reason #2: My moment of atonement

In Trade Wars, Pandemics, and Chaos, I made one grievous error: I fell into consultant groupthink. It’s an easy mistake to make. In consulting, once an idea or topic emerges, it becomes a race of one-upmanship as everyone scrambles to establish their view on the topic du jour. Artificial intelligence, blockchain, ChatGPT, cryptocurrency, COVID-19, monkeypox, supply chain disruptions, inflation, the Russia–Ukraine war, and Industry 4.0 are just some of the thousands of topics that have emerged in the consulting profession. The problem is that consultants, analysts, and pundits treat the topics superficially and lack sufficient depth to be useful to practitioners. In the process, a collective groupthink takes hold in which nobody says anything that’s too different from the others (see Chapter VII: Hacking resilience: how quickly can your supply chain recover? for a clear example of this). This is the mistake in Trade Wars, Pandemics, and Chaos. While completing the manuscript, I panicked and lobbed in some risk-related content that was neither useful nor differentiated. It wasn’t wrong, just not helpful. Here is the excerpt in question:

As part of our new risk management approach, we need our category and commodity managers to be enabled to model different strategies in response to various risk situations. Part of their job descriptions should include doing forward-looking what-if analyses to test and create alternative outcomes in case of disruption. Then as the risks unfold, the proper strategy can be quickly deployed based on changing dynamics. The strategy should then be matched with clear roles and responsibilities in the response and finding the right balance