
Last July, a glitch in a software upgrade by a cybersecurity company impacted 8.5 million computers, resulting in the cancellation of 2,800 flights and delays for 11,000 more.
In an increasingly computerized world, digital supply chains use data and analytics to manage the flow of goods, services and information. These chains are increasingly interconnected and vulnerable to disruption, UC Merced management of complex systems Professor Lisa Yeo wrote in a recent issue of The Conversation, based on a paper she co-wrote for the Association of Computing Machinery.
"Combating threats to the digital supply chain is the top challenge for leaders in most supply chain industries," Yeo and her co-authors wrote.
The global havoc triggered by the faulty CrowdStrike update last July is just one of the latest examples of the fragility of a world that depends on a few digital providers for crucial computing services.
In April 2019, a computer systems failure of service provider AeroData, which delivers flight planning services to Southwest, United, American and Delta airlines, among others, grounded hundreds of flights.
"The synchronization of disruptions for firms that use a common service provider has implications for service provider choice and investment," Yeo wrote.
She and her paper co-authors, researchers from the University of Calgary, Cal Poly Pomona and the University of Alberta, analyzed how disruptions at a service provider impact a company's customer demand and how this affects the company's choices in managing risk. They also looked at the effects on customer service and profit.
"An overlooked factor in deciding a firm's (information and communications technology) provider is the demand effects of using a common or separate provider," co-author Hooman Hidaji, professor of business technology management at Haskayne School of Business, told the University of Calgary. "This is a mechanism by which supply chain decisions are impacted, and one which had not been explored before - that is, whether to use common or separate providers based on disruption risks and downstream substitutions or complementarities."
The researchers examined the benefits of diversifying the supplier base - so if one supply chain were disrupted, it wouldn't affect all or most of the involved industry.
Though they cited airlines in their work, they noted that other areas also can be struck. For example, artificial intelligence is transforming industries such as customer support and health care, making digital supply chain disruptions more likely in those industries.
Several factors, such as rapidly changing technology, expanding opportunities for attacks, high costs to address privacy and security, and lack of employee awareness, make addressing the concerns challenging.
But there are ways to mitigate the risks, the researchers found.
"For businesses, building resilience against digital supply chain disruptions and supplier outages requires strategic partnerships," they wrote. "Companies must consider how inevitable disruptions will affect not only their customer demand, but also how competitors' disruptions could affect them, and vice versa."
Industry coalitions and government regulators also play a role. Understanding the ripple effects of a shared digital supply chain can help determine what regulations should be implemented.
Customers should also be aware of the potential for disruptions to the digital supply chain and have workaround plans. This can be as simple as booking a flight a day earlier than necessary or allowing extra time to return home in case of a disruption with an airline service provider.