|home ICG Risk Blog discussions newsletters login|
ICG's Supply Chain-Outsourcing Abstracts, April 2004 - December 2008
- Gordon Housworth [ 12/15/2008 - 16:39 ] #
ICG's Supply Chain-Outsourcing Abstracts Supply chain analysis must extend beyond the piece part cost, beyond purely commercial aspects, in order to prevent surprise, interruption or termination. Commercial calculations are the essential first step in risk evaluation; they are necessary but not sufficient to define total chain risk. Supply chain analysis must go beyond piece part cost to include Intellectual Property (IP), IT, criminal, terrorist, cyberterrorist and environmental issues - and their interactions. Good supply chain analysis on the manufacturing downstream and outsourcing upstream must be an all-source risk analysis effort in order to preempt strategic surprise. And in order to be effective, risk guidelines must be harmonized between downstream manufacturing and upstream outsourcing. Too often they proceed in isolation, or risk guidelines of either or both are faulty.
ICG's Supply Chain-Outsourcing Abstracts
Supply chain analysis must extend beyond the piece part cost, beyond purely commercial aspects, in order to prevent surprise, interruption or termination.
Commercial calculations are the essential first step in risk evaluation; they are necessary but not sufficient to define total chain risk. Supply chain analysis must go beyond piece part cost to include Intellectual Property (IP), IT, criminal, terrorist, cyberterrorist and environmental issues - and their interactions.
Good supply chain analysis on the manufacturing downstream and outsourcing upstream must be an all-source risk analysis effort in order to preempt strategic surprise.
And in order to be effective, risk guidelines must be harmonized between downstream manufacturing and upstream outsourcing. Too often they proceed in isolation, or risk guidelines of either or both are faulty.
Why steal COTS products or processes?
Why steal COTS products or processes?
Targeting countries appear to wait for a successful US commercial application of a technology before seeking to acquire it as the kernel of capability for military use is often contained in the commercial variant. An airborne IR sensor is a good example that applies to all dual-use technologies.
Targeting countries appear to wait for a successful US commercial application of a technology before seeking to acquire it as the kernel of capability for military use is often contained in the commercial variant. An airborne IR sensor is a good example that applies to all dual-use technologies.
I would stress that "failed" applies to collectors' time horizon and that the early securing of a commercial variant will act as a "gap filler" in both their defense and commercial posture and will act as a development seed in their research institutions.
As developed countries suffer legacy drag as we do, preferring not to change computer systems when an upgrade is needed, they target absorbable enhancements. Not so encumbered developing countries will attempt quantum leaps in capacity by acquiring newer, more advanced systems... more
Similar mitigation trajectories: Intellectual property theft and quality 6/4/2004 I had the opportunity to share some opinions on the impact of intellectual property (IP) theft, some already posted to this list, with a large, global supplier of parts and subsystems that was known for its production and quality focus but it had not been clear to me that the supplier was also ahead of many of its peers in its understanding of the diversion risk that it and its subsuppliers faced in certain regions. I mentioned certain points from Hemorrhaging intellectual property to Asia, notably that on the established industrial side: [The] OEMs (Original Equipment Manufacturers at the top of their respective supply chains) have been virtually ordering their suppliers explicitly or implicitly to China (a) to produce lower cost products for resale back to the OEM or one of the subsuppliers in the chain, or (b) support OEM plants in-country. The demand for cost reduction is the pole star. Our prediction is that the OEMs, whose hubris leads them to mistakenly feel themselves above the risk horizon, will not protect their suppliers as new Chinese or other low-cost country providers come on line and will shift purchases to those new firms, hollowing out their own industrial infrastructure, even as OEMs press those same suppliers for cost reductions on a year-to-year basis. To this, I added that since the OEMs had financial pressures of their own and would not relent in their demands for immediate direct cost reduction such that the supplier had no opportunity to not go to the desired low cost area, that it was up to the supplier to address the incursions against the intellectual property of their firm and the subsuppliers in any critical path of their supply chain.
Similar mitigation trajectories: Intellectual property theft and quality
I had the opportunity to share some opinions on the impact of intellectual property (IP) theft, some already posted to this list, with a large, global supplier of parts and subsystems that was known for its production and quality focus but it had not been clear to me that the supplier was also ahead of many of its peers in its understanding of the diversion risk that it and its subsuppliers faced in certain regions.
I mentioned certain points from Hemorrhaging intellectual property to Asia, notably that on the established industrial side:
[The] OEMs (Original Equipment Manufacturers at the top of their respective supply chains) have been virtually ordering their suppliers explicitly or implicitly to China (a) to produce lower cost products for resale back to the OEM or one of the subsuppliers in the chain, or (b) support OEM plants in-country. The demand for cost reduction is the pole star. Our prediction is that the OEMs, whose hubris leads them to mistakenly feel themselves above the risk horizon, will not protect their suppliers as new Chinese or other low-cost country providers come on line and will shift purchases to those new firms, hollowing out their own industrial infrastructure, even as OEMs press those same suppliers for cost reductions on a year-to-year basis.
To this, I added that since the OEMs had financial pressures of their own and would not relent in their demands for immediate direct cost reduction such that the supplier had no opportunity to not go to the desired low cost area, that it was up to the supplier to address the incursions against the intellectual property of their firm and the subsuppliers in any critical path of their supply chain.
The defender's dilemma: common threads in exploiting commercial supply networks
We devote substantial research to asymmetrical warfare exploits involving COTS (commercial off the shelf) openly available dual-use equipment and processes... Tools and weapons derived from such sources are perfect tools "for the asymmetrical warrior, and devastating to US commercial and military installations."
It is a truism in every COTS weapon system production capacity that we investigate that investigating authorities place self-imposed blinders upon themselves, too often assuming that their opponent is a mirror image state opponent, such as Russia, or state-sponsored opponent, such as Libya, and thus compelled to access the same production base, employ state-of-the-art production processes, assume a continuous production level when manufacturing is involved, observe common industrial manufacturing and recovery processes, and expect similar military delivery means.
Just as military forces habitually look for mirror image adversaries instead of an asymmetrical opponent exploiting a key weakness that you have overlooked, so does the FBI too often look first to new, retail commercial purchase instead of looking for "good enough" components from the used, resale, internet, closure, overstock, bankruptcy, or theft sources. The perp's goal is path of least resistance and not path of greatest production... more
Invisible reallocation of supply chain vendors based on perceived threat to buyers
It has been my experience that while many industrial firms have made a strategic IT commitment to the likes of Microsoft or Cisco in volume purchases that significantly lower the per seat product cost, they exhibit a very different -- lower and more transient -- loyalty to the suppliers in their product supply chains.
Based upon our work in the automotive sector, we can say that OEMs (Original Equipment Manufacturers) -- or vehicle manufacturers -- in this relentlessly cost sensitive sector have less than rigid loyalty to suppliers and certainly feel "hostage" to certain suppliers, especially those suppliers who dominate the market in a specific part/subsystem or even a high percentage of overall industry production to all OEMs. OEMs are reacting by reallocating their part production awards to other than the industry leader, irrespective of that supplier's ability to provide a technically and financially acceptable component.
This does not mean that OEMs will award business to firms with substandard performance, quality, and robustness, but rather that they will select among a group of suppliers capable of providing a peer level of performance in order to reduce the dominance of particular suppliers in critical market subsystems. I hasten to add that "critical" may be based upon internal OEM criteria not available to the supplier who would otherwise presume that they have the business based upon being the incumbent supplier offering a competitive cost and functional bid for a subsequent model year... more
When clients for risk assessment/risk pricing take on a risk of their own
While virtually every risk client will subscribe to the idea that there is added value in managing risk, i.e., shifting from the default condition of accepting risk to the pricing of risk though such mechanisms as mitigants, offsets, and transfers, the client rarely sees themselves as among the criteria of risk. Risk clients commonly divide themselves into one of three categories:
The merger of Inability to distill, Not invented here, and Competitive bad advice
The merger of Inability to distill, Not invented here, and Competitive bad advice give rise to a persistent condition we see among many that are party to risk assessment or risk pricing: Deming's "They don't know that they don't know." Furthermore, there is little time to teach them, especially without causing embarrassment to one party or another.
Under Inability to distill, I had noted that they "can't analyze what they have," and so lapse into the condition of being "better informed without the ability to act." This is the crux of the operable decision problem, i.e., they do not "see" the data in first instance, do not see context, do not see relevance, do not see pattern at any time, and do not see patterns maturing over time. They are deprived of a meaningful means of prediction... more
Brief introduction to China risks
Before turning to a brief introduction to China risk, space limitations in the previous post required that I defer the operational component.
Operational, in-country side of the commercial client:
1. These people are close to the problem and bear the pain
2. They feel risk keenly in all aspects of the business
Starter questions to begin -- just begin -- to understand country risk
Here is a starter list of questions for the novice to begin -- just begin -- to understand the risk in your country of interest. Or you can charge in with your risk unmeasured and unpriced. Many do.
The PRC does not have an independent judiciary.
2. Intrastate conflict between state, province and enterprise zones
You can never, ever judge this from afar. Yes, there is enormous interference from Beijing and enterprise zones, but substitute the relevant government agency, and this pertains to almost any almost-developed nation; even democracies like India, Argentina, Brazil, and Australia that to the uninformed may appear benign or less risky... more
Refining a China forecast
Continuing our effort to refine a prediction for Chinese economic direction, I believe that China will:
Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains, Part 1
Suspected human-to-human Avian Flu H5N1 transmission has occurred in Vietnam, and is the kind of trigger news that could launch the epidemic/pandemic "event" noted in The flu season not yet underway and uncomfortable signs that 'when, not if' is shifting to 'soon, not when'. Worse, the lack of reliable or widely available tests may be masking other cases. H5N1 is vastly more fearsome than SARS (Severe Acute Respiratory Syndrome).
In the case of SARS and now Avian Flu, governments are voting short term economic gains, reducing the flow of accurate infection information, impeding inspection by foreign epidemiological staff, and forestalling destruction of infected fowl, thereby blinding themselves - and us - to the tipping point of a pandemic.
Independent actions by local, regional, and national governmental entities effectively conspire to make the situation opaque. Vietnam, Thailand, and China are now repeating news suppression and denials in avian flu animal-to-human and human-to-human transmissions... more
Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains, Part 2
Host nation (PRC and HK) "Public" or core event hierarchy:
Cost pressures on supply tiers prompt loss of supplier intellectual property
Suppliers worry that design reviews by an OEM prior to contract award are efforts to extract price concessions, extracting information to compare (1) proprietary cost buildups and (2) ideas among competing suppliers. OEMs, for their part, may be mistaken in asking the supplier for full disclosure of the supply chain during this period of minimum trust and maximum fear, a more common occurrence among the three "US" OEMs than Toyota or Honda.
In reality, the supplier has often not gone to the cost and effort to fully detail the part. OEM staff profess outrage when they 'find out' this is the case. We ask them what they expected. Would they not do the same were circumstances reversed?
The following [sanitized] exchange involves AutoCo and CarCo, two automotive OEMs, MetalCo, a Tier One supplier, and MasterCo, a related subsidiary. AutoCo is under financial pressure to produce improved results. Such pressure always creates hot spots under excruciating demand, to the point of program cancellation and (participant) job loss... more
Lenovo's transition to Dell and HP peer competitor should be measured in months rather than years
Market Assumption: The transition period between (1) Lenovo's purchase of IBM's PC group and (2) the appearance of robust Lenovo desktop and laptop products (products that challenge the likes of Dell and HP) is to be measured in terms of years.
Our Forecast: The transition period between Lenovo's purchase of IBM's PC group and the appearance of robust Lenovo products is far shorter than what the perceived wisdom (years) would indicate. The transition could easily be accomplished within twelve months, less with a more concerted effort, requiring little or no additional dependence on intellectual property (IP) diversion.
Rationale: Lenovo has already positioned itself to climb out at the top of the electronics supply chain. It lacks only in brand and distribution (both of which it believes it has purchased). Pricing pressures in the electronics industry are no less fierce than those between automotive manufacturers (OEMs) and their Tier One suppliers. Dell, HP, and IBM, among others, have placed unrelenting pressure on their Taiwanese suppliers for price reductions. It is understood in the sector, but seems not to have reached the level of actionable risk analysis, that this pricing pressure has driven much "Taiwanese" electronics to China with supplier badging remaining in Taiwan. (See activity location 2003 versus 2006.)... more
Pan-industry “beggar/maker-prince/maker” initiatives in supply chains
Enter Intel, a chipset manufacturer that is promoting "white box" (generic PC) and "white book" (generic notebook) devices using generic designs, cases and hardware modules. Intel's intent is said to be the creation of a family of more compliant suppliers and so escape their current vulnerability to the two US giants - Dell and HP.
Intel seems to be pursuing an approach that mimics the "beggar/maker-prince/maker" process that we see emerging among US automotive OEMs. (As Intel provides roughly a fifth of the world's server products (at higher margins than PCs) and so competes with their server customers, it may be to Intel's advantage to suppress their current troublesome generic PC vendors while created a wider market for their chip sets.)
For those readers unfamiliar with beggar/maker-prince/maker, we see OEMs in a number of sectors, automotive included, that perceive themselves increasingly captive to powerful Tier One suppliers. To escape that burden, we believe that the OEMs are in the process of elevating smaller suppliers (making princes out of serfs) while taking business away from the leading suppliers for future models (making beggars out of kings). The result in both automotive and electronic market sectors is to leave the top of the manufacturing tier in stronger control of its supply chains... more
Implications of absence of liability: shifting the cost from perpetrator to consumer and bystander
Absence of liability in software design and data aggregation share a common theme: The absence of liability or responsibility for human action in any system leaves a massive open loop in which damaging action is allowed to rise, and to continue, without impact to the perpetrator's finances, equity and reputation. The unregulated impact of such action is a form of collateral damage to consumer and bystander as the cost to correct wrongful action or inaction is transferred to them.
The politico-economic system is as much at fault as are the perpetrators as the latter are only responding to the risk-reward calculations that the system presents them. If I am producer of product, tangible and intangible, and am not held accountable for the quality of those products, I will devote more attention to 'features' than to the quality of those features. If I am an aggregator of information and not held accountable for the security and accuracy of that information, I will focus on gathering/acquiring more information and designing data mining tools to exploit that information than to securing and updating that information. In both cases, it comes down to the consequences of shabby 'product.'... more
At what point does a decision maker bound the system that describes options with the least destructive outcomes?
Just as customers had to "take either the horse nearest the stable door or none at all" from Thomas Hobson's livery stable, so must Microsoft decide between stopping piracy revenue loss or driving clients elsewhere or indirectly propagating vulnerable installs; and the US must decide between US-EU cooperative agreements that permit transatlantic technology transfer underlying cooperative programs such as the Joint Strike Fighter (JSF) or accelerated EU, principally French and German, arms exports to China.
Choices in complex systems are increasingly maddening, and in geopolitical systems those choices can have disastrous consequences. Many have written on the short term thinking of certain political elites that lead to an endless string of unintended consequences, so I am not the first to suggest that setting width of scope and length of timeline is essential in defining a solution space with the least damaging outlines. (Whenever clients task us for a solution to an especially vexing problem, we find that the solution space is not large enough to define a solution and that we have to widen the solution space, i.e., reset scope, in order to define one or more solutions that can be presented to the client for evaluation.)... more
China: a planners' preference defense industry succeeds in spite of systemic shortcomings
China's military-industrial complex is a study in contrasts. Effectively unique in the third world/developing world in that it produces a complete range of military equipment that includes "small arms, armored vehicles, fighter aircraft, warships, submarines, nuclear weapons and intercontinental ballistic missiles; is one of the oldest and largest defense sectors, yet faces system shortcomings that have evinced difficulties in "translating theory and design into reliable weapon systems":
The world is flat save for the depression that we occupy: Friedman on global opportunity and competition
The head of Infosys (India) told Tom Friedman that "the playing field is being leveled" as decades of massive investment in technology, computers, global broadband connectivity, education, communication and information processing tools created a condition in which "countries like India were now able to compete equally for global knowledge work as never before -- and that America had better get ready for this."
Friedman made a great tag line leap from 'leveled' to 'flattened' to 'flat' with the observation that: When the world is flat, you can innovate without having to emigrate. The impacts are enormous in terms of economic, political, military, and demographic changes at the level of shocks - and an inability to predict when and where those leaps will occur... more
Supply chain paradigm shifts: read the tea leaves and add minor twists
Chrysler's consideration of a Chinese JV to make Chrysler vehicles in China and export them to North America and SeaCode's intent to anchor a used cruise ship converted into a 24/7 floating programming factory off the US coast are seen by some as a shock, a new departure, but are in reality a tweaked progression of trends already in motion.
DaimlerChrysler's 'export Chryslers' made in China
DaimlerChrysler's effort is an attractive proposal to a Chinese firm in that it:
Supply chain paradigm shifts, part 2: SeaCode's floating Maquiladora
Continuing our review of 'tweaked progressions of trends already in motion,' SeaCode's very near offshore seaborne platform solves a number of nettlesome problems:
Commercial blindness: a "twofer" attack on the Indian state and US and European outsourcing assets
One must wonder how inattentive major US outsourcers can be, and how 'missing in action' that major consultancies such as Forrester can be, so as to not recognize the physical threat to core outsourcing facilities in India. Perhaps it is the mere continuation of the lesser lapse of failing to factor intellectual property (IP) theft risk in supposedly low cost areas. (See Intellectual property theft: the unspoken unknown of offshoring.) Even more curious is the effective absence of concern by Europeans who would normally have an attentive ear to the near and middle east. (The UK has a term EMEA for Europe, Middle East, and Africa to describe their version of the 'Near Abroad.')
The threat to IT and outsourcing assets in Bangalore and Hyderabad should be taken seriously despite the bland denials from Indian authorities who are understandably anxious to protect what amounts to the core of Indian economic revival... more
Threat of H5N1 avian flu pandemic rises to point that business must actively consider contingency plans
The threat of an avian flu H5N1 human-to-human outbreak - which holds the specter of a global pandemic - is now at a point that I submit that firms that do not address the potential impacts to their global supply chains are at a point between a near total supply chain interruption and fiduciary breach. This is cheap prose to firms that are struggling with financial and competitive demands and who can rightly retort that they are no different from the federal government in ignoring the rising warnings from WHO, CDC and others. The supply chain impacts, leave aside the death toll, are going to be stunning. I draw readers to a January 2005 two part series, Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains.
The tipping point could occur at any time but the forthcoming fall flu season could see the crossover from avian to human transmission as many of those falling prey to human flu chance to be in proximity with animals and birds with avian flu. Once genomic reassortment occurs in one or more doubly infected humans, the game is up for an unprepared globe. SARS was a cakewalk as a disease vector as it is actually hard to transmit in comparison to H5N1... more
Threat of H5N1 avian flu pandemic rises to point that business must actively consider contingency plans, part 2
China is again failing to provide requested urgently information and samples, this time about three outbreaks among migrating wild birds in the remote western provinces of Qinghai and Xinjiang where avian flu outbreaks now threaten all of previously unaffected countries of Central Asia and Russia... Based upon prior Chinese performance over SARS reporting, one is left unsatisfied with the Chinese response that "the infection in Xinjiang has been contained." Independent Chinese scientists that report on avian flu outbreaks are again under attack by the Agriculture Ministry while foreign researchers are quiet lest China bar them from entry. The stakes are rising as the virulence of H5N1 rises. Infected domestic flocks now die in a day rather than many... more
Multisourcing: belated recovery of forgotten first principles
Having long held that "insultants" outnumber consultants, and mindful that certain consultancies prey upon the short attention spans of their clients even as certain clients use their consultant's opinions as 'security blanket' surrogates for omissive decision making, I am displeased that the consulting community has ridden the outsourcing pony for years and only now is actively turning on the outsourcing concept as its political and structural impacts are becoming increasingly obvious. In point of fact, the consulting community is beginning to issue a new prescription for a disease which they themselves helped to construct.
I would like to offer a realistic assessment of why and how firms outsource. Firms almost universally devolve the problem to a divisional or unit level, thus the means, omissions and results that are achieved will vary on a case-by-case basis. The upshot is that the same problem is solved in differing ways, as a colleague said, "to avoid some organizational consequence" such as cost savings, headcount reductions (which can be to protect existing staff or to get credit for any reduction), functionality (that is missing, failing or inconvenient), or at the personal level, a positive annual personnel rating (which may be measured against suboptimizing criteria). What is missing is a decision making framework that integrates global and national aspects of need, technology, business considerations, risks, scope, duration, cost implications and ultimately solutions (there is always more than one solution, depending upon the desired outcomes and the bounds of monies, mindshare, and timing available)... more
Multisourcing: belated recovery of forgotten first principles, part 2
For those of us that come from a background of a Counterterrorism (CT) and Counterintelligence (CI) threat analysis, a Governance Model that Gartner belatedly embraces is the essence of effective performance definition, and the Design Basis Threat (DBT) becomes an integral, inseparable part of that governance model as the mechanism that informs the Command or Senior management of the types of threats it may face over time and allows them to define the threats that are in or out of scope, the level of deflection or defense that will be committed to each threat, and the cost for that level of deflection or defense. The commercial side could learn much the military in essential risk management starting with Field Manual FM 100-14, Risk Management, which is the commander's principal risk reduction process to identify and control hazards and make informed decisions... more
Failing the Manwaring paradigm: Surprise over jihadist targeting Muslim oil transport and refinery assets
The wide surprise over the public posting of a two year old jihadist document sanctioning the targeting of Muslim oil transport and refinery assets is a failure on multiple levels:
In June 2004, I addressed an infrastructure attack in Exceeding $100 USD a barrel in a stroke: attack Ghawar, Abqaiq, and Safaniya ... more
Symbiotic and predatory relationships between immigrant migration chains and supply chains
As migration patterns have long been a staple of ethnographic research, I have begun to extend the term 'Migration Chain' as an analog to Supply Chain in that they form symbiotic relationships and can be another predictor of future events. Reflecting over the Latin migrations into the US which I am coming to broadly class as legal, illicit (immigration), and illegal (criminal), while admitting to some fuzzy boundaries between legal and illicit, if nothing else, for getting in illicitly and then having one's child born here. These migration patterns have both sheep and wolves. Here are the sheep... more
Double edged sword of optimizing China-based and US/EU-based supply chains
Bleeding our China-monitoring interests over to logistics, I highly recommend two articles by George Stalk at BCG on the trade-offs between China-based and North American-based supply chains. The first is the HTML article from Supply Chain Management Review, Surviving the China Riptide, and the more developed PDF article from BCG, The China Rip Tide: Threat or Opportunity? Stalk portrays the scope of the problem in trying to improve China-based chains as reaching epidemic proportions... more
Chinese mercantile absorption of Sub-Saharan and East African infrastructure, energy, mining, development, political and military
Robert Mugabe and Zimbabwe are actually a stellar recommendation for China among African elites, i.e., no matter how despotically my clan and I behave, China will be my protector and lender of last resort against the international community. No one in the West is able, or willing, to make that bargain. I have the luxury of remembering a prosperous Rhodesia under Ian Smith, his UDI (Unilateral Declaration of Independence) from England, the rise of two black parties - Zanu (Zimbabwean African National Union) under Robert Mugabe and Zapu (Zimbabwe African People's Union) under Joshua Nkomo, the creation of Zimbabwe, the marginalization of Nkomo, Mugabe's period as a post-colonial liberation hero, and the trajectory of decline to what is now a prison camp of a nation. For those readers unaware of the sinkhole that nation has become see Frontline's Zimbabwe: Shadows and Lies. Were I an up and coming clan leader bent on control, I'd pick China... more
Globally dispersed, indigenously sited communities of terrorists upgrading to locally produced chembio agents
The marriage of John Robb's GLOBAL GUERRILLAS IN THE UK with my Designer bioagents: Why a potential Iranian, or existing Pakistani or DPRK, nuclear weapon does not overly excite me creates the terrorist chembio agent landscape that the UK's head of MI5, Eliza Manningham-Buller, has elected to describe in a rare public address.
The continuing strategic failure to address our slide in Pre-K through 20+ education
During the preparation of Islamic flashpoints: Even adjustments may be outside Western control,... which was a requested deeper dive on Iraq, Iran, Syria, Lebanon and Palestine from the survey of Colonial/Western-Arab relationships in Islamic territory from North Africa to South Asia: No solutions, only adjustments,... I found myself frequently thinking of vital national issues that have been neglected as Iraq continues to divert US attention, manpower, diplomacy and money to Baghdad:
In keeping with my view that 'The hole is as good as the donut,' that is, a thoughtful observer needs to look at what is missing as well as what is present, I opened the presentation with these six issues as I felt that they increased the gravity of the Iraqi situation in particular and the Middle East in general. It is one thing to be succeeding in Iraq, Afghanistan (we were, but we relocated attention and assets to Iraq and have likely lost it as well) and the Middle East so that one could argue that the tradeoff was worthwhile, but it is quite another to be singularly failing in those conflict areas as well as neglecting strategic areas of need... more
Deducing IP collection targets among military, commercial and dual use applications from Chinese science and technology core competencies
The identification and analysis of the science and technology core competencies of China permits much deduction, from a targeting standpoint, of Chinese interest against foreign military, commercial and dual use technologies. A first in the unclass area, this Office of Naval Research (ONR) comparative effort contrasts the impact/quality of all of China's research (versus India and Australia) and research investment emphases/strategy (versus the US); Its algorithmic data is of interest to those of us interested in automated search.
Chlorine is only the beginning of a spectrum of instant asymmetrical chemical weapons
A chemical weapon (CW) in the hands of an asymmetrical attacker or terrorist will generally not be 'WMD-scale,' certainly not in the context used in connection with Iraq under Saddam Hussein and OIF, but it will be a chemical weapon nonetheless. (Under current (but not future) means of delivery, the most likely "WMD chemical event" will be the placing of conventional explosives in an existing chemical plant.)
We must recalibrate our definition of a chemical weapon in order to understand how a terrorist can add chemical leverage to their attacks, likely using one or more items (mixtures greatly complicate defensive responses) drawn from local industrial chemical and pesticide stocks. In conflict situations where hazmat protection greatly complicates combat operations and/or local infrastructure is inept or unprepared to deal with chemical events, a simple chemical additive (even a benign additive if the defenders momentarily believe it to be a chemical additive) can be a significant force multiplier - directly against combat formations and indirectly against domestic public opinion... more
Informationalization in Chinese military doctrine affects foreign commercial and military assets
Informationalization, the computerization of business, industry, and military, has entered Chinese military thinking in earnest, affecting both foreign commercial and military assets. US and EU commercial assets have already suffered serious predation from Chinese military assets and Chinese commercial assets operating under military direction.
In the absence of a US counter-cyber warfare strategy, Chinese IT technologists enter all but the most secure US systems, exceeding the limits of passive examination and surveillance. Naval Network Warfare Command (Netwarcom) and others observe... more
Prediction: the Cisco-Huawei IP debacle repeated itself with Denso, and likely for the same reasons
In briefings three years ago to some of the largest tier one automotive suppliers, we forecast that Toyota/Denso would be the wholesale Automotive OEM target for IP theft as it was one of the few (the only significant) OEM that retained the capacity to design and manufacture everything that they purchased. (All other OEMs were in the process of surrendering their production technology via joint ventures so the only items worthy of hostile collection were their vehicle designs, preferably the mathdata CAD files thereof.) Another forecast was that any Toyota/Denso JV with a Chinese entity would be an IP siphon to the Chinese. The first forecast has now come true, and is likely only the beginning of the loss. The second is undoubtedly in progress.
In March Kyodo News reported that a Chinese engineer, Yang Luchuan, 41, at Denso's facility in Kariya, Aichi Prefecture, was suspected of "embezzling [Dowjones prefers "stealing"] information on about 1,700 types of products, including sensors and industrial robots [of which] about 280 types were considered top secret by the company."... more
The Mu shu pork Index for predicting Chinese propagation of inflation
If you manufacture product in China as part of your global supply chain or purchase Chinese products for inclusion into your manufacturing or processing efforts, you should pay attention to what we are calling the Mu Shu Pork Index in the spirit of the Economist's Big Mac Index (1986) and Starbucks Tall Latte Index (2004). But whereas the Big Mac and Starbucks Indices are based on the theory of purchasing-power parity (PPP) that argues that exchange rates will, over time, equalize the price of identical baskets of goods and services in any two countries, our Mu shu Index will define a basket of effects that will flush rising costs and inflation through the Chinese economy and out into the global supply chain that absorbs Chinese product... more
A China facet: Defective materials and products driven by greed and ineptitude
Our clients are familiar with our longstanding forecast of Chinese 'thrifting' in materials, coatings and platings, more so when they occur on interior surfaces, on in internal components, where testing is more difficult. Such thrifting occurs frequently in Chinese supply chains, often evidenced by multiple, substandard parts from different suppliers in the same subassembly.
This thrifting is matched by an aggressive IP theft/harvesting by the Chinese as these same materials areas are key to significant cost and structural improvements in sectors such as autos and elsewhere. Often the US/EU supplier possessing these skills is a tier two or three almost completely unaware of the attack. This bifurcation is understandable as the thrifting and the thefts are being executed by different entities with different goals in the greater Chinese supply chain. No one ever said that China was not a land of contrasts. Unrecognized by many, the risk has been there... more
Trends point towards Mexico's destabilization
How will you deal with the assassination of Calderon?: A working example of all-source risk analysis was my quickly assembled presentation when asked to step in and address the monthly meeting of the regional NAPM (National Association of Purchasing Managers) chapter this September.
I chose the title purposefully even though I might be accused of "profiting on assassinations and other terrorist acts" as was DARPA's Policy Analysis Market (PAM) futures market which actually was a superb idea designed to trade in, and gather knowledge of, "things that the US and incidentally the target country would be deeply interested in."
As an all-source risk analyst, I know that supply chain analysis must extend beyond mere commercial aspects, that while commercial calculations are an essential first step in risk evaluation, they are necessary but not sufficient to define total chain risk. Intellectual Property (IP), IT, criminal, terrorist, cyberterrorist and environmental issues - and their interactions - must be included... more
Confluence of thinking on Chinese outsourcing and supply chain risks from DSB and USCC
Rather than selling US securities, consider China restricting microchip supplies to the west at a critical junction (which would hit Taiwan, the current global producer of electronic componentry). This is no more implausible than Russia restricting energy flows to the Ukraine which despite the repercussions remains a viable distress option. (Think of combining securities with chips.)
Consider a foreign nation-state or its proxy embedding malicious code somewhere in a software developer's global outsourcing tier. (If bugs get in, certainly purpose-crafted malicious code can get in.) The state actor can be camouflaged by the nationality and location of its proxy. Think of the implications of the Defense Department "inadvertently outsourcing the manufacturing of key weapons and military equipment to factories in China."... more
The triple canopy of infection, birds over cats over pigs cascading feces, urine and DNA, returns
I've appropriated the tropical term triple canopy forest (also here) to describe the triple canopy of infection prevalent in China and Asia, birds over cats over pigs cascading feces, urine and DNA to a new 'forest floor' on traditional wet markets (photo, video) where recombination can work wonders in proximity to man. Similar cage stacking of wild and domesticated animals was widely seen in the SARS epidemic:
In-the-wild attacks against electrical utilities coupled with extortion demands: implications for response to criminal and terrorist action
CIA announced what appears to be the first, documented in-the-wild successful SCADA (Supervisory Control and Data Acquisition) attack against utilities infrastructure. Surely more to follow but with the agency making the announcement, it appears to be a concrete example unlike the staged attack against a captive diesel powered generator (video, text, more text):
Said to be "virulently allergic to hyperbole," Donahue would not have made a public announcement, nor would the agency have granted permission, "if he didn't think the threat was very large and that companies needed to fix things right now."... more
Themes and variations in Chinese and Indian Intellectual Property protection
Protecting your Intellectual Property in China and India was produced in response to GlobalAutoIndustry's request to contrast issues in Chinese and Indian Intellectual Property protection as part of China and India: Decreasing Costs Across Global Operations, a look at factors, advantages and concerns in Low Cost Country Sourcing (LCCS) to these automotive and component manufacturing areas.
Submarine fiber optic cable breaks: a study in hysteria and ignorance against analysis
The global submarine fiber optic network almost perfectly mimics the global electricity grid in its inability to mount any reasonable defense against attack. (I say 'almost' as the fiber optic industry is far less aware of its being a target than is the electricity grid.)
Here is Richard Clarke in 2000 speaking of cyberwar as "a threat that US government cannot defend solely by federal means"... more
Supply chain blowback of cocaine production hopping the Andes to Argentina and Uruguay
In attempting to study the unintended blowback of forcing cocaine production to move from Andean states to Argentina and Uruguay, it is not new news that:
The news value of this note is occasioned more by the intersection of... more
Semi-autonomous "killer robots" are already within reach of asymmetrical attackers
As part of my work revolves about inverting toys, technical gadgets, and industrial "found objects" into asymmetrical weapons, I was attracted to Noel Sharkey's presentation at RUSI's The Ethics of Autonomous Military Systems as well as his earlier efforts in venues such as Robot Wars and Techno Games. I have come to see Sharkey inhabiting the intersection of engineering, the application of engineering and ethics of application... more
Asymmetrical air force opportunities in interstate and intrastate conflict
This asymmetrical air force series rose from a recognition of the operational similarities between the Air Tigers of the Liberation Tigers of Tamil Eelam (LTTE) against the Sri Lankan government and the Biafra Babies of the secessionist Biafran Air Force against the Nigerian government, forty years earlier. Apart from the "convergent evolution" of their operational profiles, there were also important differences in sourcing aircraft, pilots, ordnance and maintenance, not to mention understanding the value of going offensive against a superior power in an audacious, headline-grabbing manner.
The exercise to optimize the best characteristics of these asymmetrical attackers while reducing the retaliatory effect of the superior power leads quickly to Unmanned Aerial Vehicles (UAVs) operating in place of, or along side, manned aircraft... more
Intellectual Property (IP) risks in Brazil and Mexico
Protecting your Intellectual Property in Mexico, Brazil and China was a recent presentation done in response to a request to compare IP risks in key Western Hemisphere states with those in China. As it is difficult to address three such diverse regions in a short presentation, readers are recommended to also look at:
The Brazilian IP risk is new to the list as it contains:
Foreign vulnerability inherent in US globalization of its commercial and defense supply chains
The US and, and to a lesser degree, Europe have lost control of their defense and commercial industrial supply chains. Exporting capability rather than capacity, the US has increasingly retained only a top tier or integrator role while exporting its tier 2-tier n base. Worse, the US cannot realistically define discrete and net risk as the chains are too opaque for identification and there is decreasing ability to direct sourcing to less risky tiers.
The loss has not come without warning, especially in the seminal analyses of the mid-1980s to early 90s (much of which is cited here) and near-disaster supply chain bottlenecks that nearly sidelined front line equipment during Desert Storm (1990-91).
Having surveyed four decades of research on globalization impacts, we can state that there are virtually no metrics in open source. There are drivers and characteristics but there are no actionable metrics of sufficient robustness to pass the test of falsifiability. At a macro level we are secure that we and some others have the compass right, but actionable information about a specific chain condition and greatest risk at component at tier in the chain is fuzzy at best. Given our supply chain analytic experience, we can see the tracks of bland assumptions without the understanding of how supply networks actually work. Defense and commercial sides of the house share the same problem - insufficient granularity of analysis which if they get there they find that they do not have accurate and timely data. At this point the commercial side generally gives up. The defense side can't so spends much time... more
FBI Cisco counterfeit investigation is live fire demonstration of failed supply chain oversight
The recent bureau investigation outlined in FBI Criminal Investigation: Cisco Routers of counterfeit Cisco routers, switches, interface converters (GBIC), and WAN interface cards (WIC) is a long overdue spotlight on the failure to properly manage and assess critical supply chains. Two themes stand out:
Israel was planting malicious chips in US assets before China
Reporting on the FBI investigation of Chinese counterfeit, some possibly malicious, electronics has made no mention that Israel had embedded malicious chips in nothing less than the White House phone system by 2000. Outside of members of the intelligence community and attentive technical readers of the period, this will come as a surprise, possibly coupled with the erroneous assumption of anti-Israeli bias, to many readers.
Nothing in open source then or since has convinced me that the US telecommunications network is either secure or immune to further interruption or breach. Whereas SCADA control networks, primarily for power grid generation, transmission and distribution applications (genco, transco, disco), and recently fiber optic networks have been identified as vulnerable to attack, little has been made publicly of telco vulnerability until the China Cisco counterfeits. The vulnerability of the US/EU telco network to a variety of state and nonstate actors is so great that it should be ranked adjacent to the vulnerabilities of our SCADA networks, for all applications, and fiber optic networks... more
Realistic Intellectual Property (IP) Protection in China, Updated: 26 Jun, 2008
Realistic IP Protection in China, 26 Jun, 2008, is the latest in our series on Intellectual Property (IP) threat and remediation given at the GlobalAutoIndusty (GAI) conference on 26 June.
In preparation of this particular conference, GAI asked for "What you will learn" bullet points to include in their trade press. My immediate response was this set of six key takeaways:
Collapsing US supply chains preclude independent US action
Collapsing US supply chains preclude independent US action: The intersection of loss of supply chain control and emerging, reemerging threats is a recent presentation outlining the hollowing out of US and EU supply chains and the vulnerabilities that ensue. Current reality is defined as:
Hollowing of the supply base nationally has mimicked effects in the automotive sector between OEMs and their tier base:
Intellectual Property and Investment Risk in Russia
Individuals and firms that are used to a US or EU business and legal assumptions are at a great disadvantage in the Russian Federation. It it still difficult to listen to skilled attorneys describe an "effective compliance program" for a US and Russian relationship but the reality is that the compliance program is for the US Sarbanes Oxley, SEC, FCPA side of the relationship.
The Institute of Corporate Law and Corporate Governance (ICLG) is correct to say that "no due attention is paid to corporate governance risks" and that the "fundamental problem in the area of corporate governance in Russia is the fact that company insiders (managers and controlling shareholders) abuse their position to the detriment of minority shareholders, including expropriation of assets" through transfer pricing, asset stripping, capital dilution, restructuring/mergers, and lack of transparency.
We would add brazen cash stripping to that list but it still understates the Russian condition as things are much more fluid and opaque on the Russian side. A European colleague schooled in Russia and skilled in dealing with Russians advised thusly... more
US auto sector must immediately perform a critical path supply chain risk review
US automakers must immediately perform a critical path supply chain risk review of what interrupts first, why, and how can the effects be attenuated. To not do so - for auto OEMs and individual suppliers - is grounds for fiduciary breach. Arguments, often uninformed, over the merits of bailout versus bankruptcy, obscure this need for a supply chain risk review that becomes an operating document. The contingency analyses of such a review will be needed regardless of which path all or some of the OEMs embark...
Automotive OEMs and their suppliers form a tightly woven industrial supply network in which many suppliers provide parts to multiple OEMs. The failure of one OEM - and even a few large Tier One suppliers - will have a cascading effect on the network that will take out the suppliers that service other OEMs, furthere accellerating the industry’s decline. This unraveling will affect both commercial and defense capacity... more
Ejecting executive automotive management may or may not help; energizing the usually inert and risk averse middle management can
The calls for GM's Wagoner and others to resign are akin to the murmurs in the Coliseum for more Christians to be fed to lions. Satisfying spectacle perhaps, but in my experience, it induces lockdown in the already risk averse junior and middle management whose credo becomes one of hoping to be the last inept to be discovered and removed. As far as I can ascertain, the focus is on a few individuals and not the corporation.
Were I to fault Wagoner, it would be for three reasons... more
InfoT Public Infrastructure Defense Public Risk Containment and Pricing Public Strategic Risk Public
In order to post a message, you must be logged in
|message||date / author|
There are no comments available.
In order to post a message, you must be logged in
Copyright © 2003-2017 ICG Spaces
opt out | contact us