Every day, there is a different challenge when it comes to supply chain security. With emphasis on the supply chain, numerous people, companies, regulations and nations are likely involved. Sometimes the challenges center on trusting others along the chain; sometimes it is all about cyber security; other times, it is more a matter of cargo theft.
Security video provided by Travelers Insurance, with a high profile in supply chain security, show how thieves use bolt cutters to crack open locks and then go “trailer shopping.” The most popular items for thieves are beverages and food; however, the most costly are pharmaceutics and electronics.
Many local police departments don’t have investigators with special training to handle supply chain security. So enterprises and government agencies depend upon their own resources as well as industry specific organizations to fight fraud, theft and disasters. For example, Travelers provides police with bait trailers, wired with cameras, to catch crooks in action. But, in many respects, it continues to be a cat and mouse game. As pharmacies take steps to curb in-store robberies, thieves are increasing targeting warehouses and delivery vans that transport prescription painkillers destined from warehouses to pharmacies and hospitals.
According to FreightWatch International, cargo thefts are happening almost four times more frequently than in 2012.
Check Firms in Supply Chain
In a recent Web interview, Charles Forsaith, director of supply chain security at Purdue Pharma, says that security needs cover background checks of drivers, reputations of companies and insurance, among other factors.
The bottom line regarding supply chain security is a multi-layered approach to a secure, end-to-end chain of custody that includes well-defined and enforced protocols, an understanding of worldwide regulations, employee training, physical security measures, thorough carrier vetting and driver identification, video surveillance of warehouses, loading docks and gate areas as well as the use of secure facilities, lots and drop yards.
Obviously, the global supply chain is dynamic, growing in size and complexity and is vulnerable to a host of threats and hazards such as natural disasters, accidents, theft and malicious attacks. A security strategy, focused on the worldwide network of transportation, postal and shipping pathways, assets and infrastructures (including communications and information infrastructures), is an important step forward.
For those assigned to supply chain security, there are two goals. The first is to promote the efficient and secure movement of goods, and the second is to foster a global supply chain system that is prepared for and can withstand evolving threats and hazards and rapidly recover from disruptions.
A crucial goal of any supply chain security effort is to promote the timely, efficient flow of legitimate commerce while protecting and securing the supply chain from exploitation as well as reducing its vulnerability to disruption, according to Bill Anderson, group director, international safety, health and security at Ryder, Miami, Florida. Ryder’s leadership in transportation and supply chain security means that clients can expect the highest levels of security across operations. That leadership also extends best practices to industry partners and government regulators.
Threats Continue to Evolve
The aim: Understand and resolve threats early in the process and strengthen the security of physical infrastructures, conveyances and information assets, while seeking to maximize trade through modernizing supply chain infrastructures and processes. Anderson says it is important to also foster a supply chain system that is prepared for, and can withstand, evolving threats and hazards and can recover rapidly from disruptions.
Anderson’s advice is to identify, assess and prioritize efforts to manage risk by using layered defenses and adapting security posture according to the changing security and operational environment. “You cannot be everywhere all the time,” Anderson says. So he and other supply chain security executives consistently review situations based on cargo, geography, incidents, collaborative partners and other elements.
He also expects information security to be the next high concern area when it comes to supply chain security.
For example, one of the largest known data breaches, resulting in 110 million records lost and hundreds of millions of dollars in damages, started with a small, third-party supplier along the chain. Attackers compromised Fazio Mechanical Services, a supplier of HVAC services, to gain access to Target’s network. In a report by Dark Reading, piggybacking on third-party suppliers is now a well-worn page in attackers’ playbooks.
“If I want to attack Fort Knox and I know they have locks and guards and strong security, it is easier to attack one of their providers who already has access to the gold,” says James Christiansen, vice president of information risk management for Optiv.
Government regulations, mandates and industry specific rules play a significant role in supply chain security. “In fact, with a global reach, there are numerous governments and their ever-changing regulations that need attention,” adds Anderson. Still, he says, governments have gone through administrations and budget cutting. In some ways, the U.S. Chamber of Commerce and its homeland security committee have become more involved when it comes to regulations and funding issues, “although there is a common standards facilitated by governments.”
Many Supply Chain Players
No doubt, there are many players in the supply chain including importers, foreign manufacturers, consolidators; brokers, ocean, sea and rail carriers, and third-party logistics providers, to name a few. “But remember, nobody runs from the point of origin to the final point,” observes Anderson. He adds, “Obviously a lot of the activity is in warehouses. Goods in movement get a little trickier.” There are tracking devices, but when crossing borders, “they may have to be declared. And how are you going to get the devices back?”
Crisis management is another aspect of the supply chain security multi-tiered approach. Not only could the global supply chain be used to facilitate a terrorist act, the supply chain itself could be considered a target of such an attack.
Given the importance of cargo and vehicle security to ongoing sustainability, both are matters of committed corporate governance and leadership. Security practices must encompass a wide range of areas – from customs and border security for materials moving between nations to rental fleet security and crisis management.
Supply chain security also – depending on the company, location, type of supplies or data and risks ranked by priorities – calls for the use of traditional physical security technologies as well as tech unique to the mission such as seals, global positioning and more sophisticated locating and tracking applications.
Warehouses, distribution centers, seaports, airports, tractor-trailer hubs and freight terminals all lend themselves to some level of credential for access control as well as security video, often IP-based and analytics equipped.
Globalization has impacted supply chain security and technology solutions, according to Bruce Wimmer, senior director, compliance and investigations, corporate risk services division for G4S, who adds that the bottom line is to “detect” things before they occur with intelligent systems and analytics. It’s all a matter of risk mitigation. Beyond security, there are other reasons for supply chain security. “Take threats coming into the U.S. related to agriculture and food,” for example, says Wimmer, who notes the invasive insects brought in with cargo.
Whatever the threat, says Wimmer, “Don’t just throw solutions out there. Plan the approach. Understand the threats and risks and their criticality.”
Tagging certain job titles to specific zones such as dispatch, operations, warehouses and loading docks is a valuable step towards improving the physical security.
Video and License Plate Recognition
Steve Birkmeier of Arteco stresses event-based interoperable of security technology including security video as well as license plate recognition. Such solutions can verify trucks, open gates and even trigger email alerts, according to Birkmeier. Every camera has a purpose. Focus on what is important to security at various locations and related to events.
According to Anthony Incorvati, business development, critical infrastructure and transportation at Axis Communications, security technology has come a long way. There is system openness, higher quality imaging and more uses of security video. Look at today’s cameras as computers with a lens, he says. He sees security technology as bridging the gap between security and enterprise resource planning as well as warehouse management, for example. He adds that, for new projects, almost all are IP-based network technology.
Then there is geofencing based on sensors or cameras or both as well as customized software. Such systems can send automatic, near real-time notifications whenever a trailer moves in or out of preapproved coordinates, allowing fleets to proactively react to possible cargo theft. If a driver has authorization to stay the night in a hotel room, the carrier can create a geofence containment field around the hotel parking lot that will send an alert if anything happens to the truck while the driver is sleeping inside the hotel.
In some outdoor supply chain security applications, there is a need for a solar-powered, wireless video solution. With trucks in loading dock areas and terminals, such technology can be easily deployed on the perimeter, suggests Dave Tynan of MicroPower Technologies.
One logistics company, a provider of small package ground delivery services in the United States and Canada, has more than 40,000 vehicles in service at any given time, and accounts for 33 ground transportation hubs and 500 pickup and delivery facilities. To better monitor behavior, manage the flow of traffic at its hubs and to optimize the operations, the company invested in a solar, wireless surveillance solution. The company wanted to see trucks going in and out of the parking lots to watch over traffic patterns, driver efficiencies and operational issues.
Protecting the Perimeter
The company was already relying on traditional, hardwired surveillance systems to enhance operations and safety, but officials recognized the need to extend the views of surveillance video to the perimeters of their logistics parking areas. Trenching projects proposed would last up a minimum of three weeks and would shut down access to the logistic provider’s hubs, impeding operations.
After looking at several solutions, the logistics leader ultimately selected a solar, wireless surveillance platform because it delivers highly reliable and secure video surveillance capabilities in a zero-cable design.
Real-time locating systems also play a supply chain security role. Such telematics systems capture truck and cargo location information in real-time, points out Andy Souders of Savi Technology. Based on sensors and analytics, collected data allows a carrier to know if idle and/or dwell time is occurring in a safe place or not. Knowing where the hotspots are in terms of cargo theft based on historical data can also help with route planning.
Some providers think outside of the box. SGS, a leading inspection, verification, testing and certification company, in an effort to gain a competitive edge in its consignment verification and logistics security business, sought to develop a new integrated logistics and tracking offering that it could add to its global services portfolio. A key requirement of the service was real-time asset tracking and comprehensive journey monitoring. SGS delivers a solution to track freight movements using global positioning GPS, general packet radio service or GPRS and satellite technology that gives end users full in-transit visibility and real-time event management.
Keeping One Step Ahead
It’s a matter of keeping up with the bad guys. As examples: container seals, a long-time means of security protection, are now being illegally duplicated by people using 3D printing advances; some thieves use GPS jamming devices to overcome security efforts.
Linking people, processes and technology together better creates “defensive layers” that make stealing freight or data along the supply chain a more difficult endeavor.
Not surprisingly, there are synergies between physical security and cyber security when compared to some other business sectors. There is so much overlap today between physical and electronic security that supply chain security professionals are combining the missions. Freight and assets aren’t the only things exposed. So is information about a supply chain firm, its customer’s business and their freight exposed out there.
With a solid commitment to supply chain security, among the many trends revealed in the Travelers Insurance 2015 Business Risk Index was increased worry over cyber risks, global conflict and political instability. The Index also discovered that while U.S. businesses take many different approaches to managing risk, only half have a written business continuity or disaster recovery plan.
The blending of physical and cyber-centric security is seen in the marketplace. For instance, TrakLok International of Knoxville, Tennessee, has a cargo security system to bring the needs of physical and IT security together into a single package. It includes a hardened lock that withstands prying, cutting or impact tools; an integrated alarm that sends alerts when unauthorized attempts are made to access cargo; and a GPS tracking system with a cloud-based Web portal that allows access to real-time information on location and cargo integrity.
Fleet Security
No matter the focus, supply chain experts indicate five areas where fleets need to create what’s called “positive lane and logistics” performance. These are:
- Visibility – real time cargo/asset location with environmental sensing capability for cargo integrity;
- Validation – chain of custody, regulatory compliance, loss and incident forensics;
- Performance – transit time, estimated time of arrival, destination acknowledgement and notification;
- Risk mitigation – awareness and prevention of criminal activity, law enforcement engagement and assistance with recovery; and
- Efficiencies – least cost/time/risk routing, targeted areas for supply chain improvement, carrier evaluation, shipment history and exception analytics based on the shippers’ business rules.
Beyond technologies and logistics performance, a significant number of supply chain losses are due to non-technology paperwork and personnel failings. In one scenario known as a fictitious pickup, an imposter temporarily poses as the carrier. Sometimes they have paperwork and sometimes they just spin a yarn about being early or some other story.
