return to ICG Spaces home    ICG Risk Blog    discussions    newsletters    login    

ICG Risk Blog - [ ICG's Supply Chain-Outsourcing Abstracts, April 2004 - December 2008 ]

ICG's Supply Chain-Outsourcing Abstracts, April 2004 - December 2008



ICG's Supply Chain-Outsourcing Abstracts


Supply chain analysis must extend beyond the piece part cost, beyond purely commercial aspects, in order to prevent surprise, interruption or termination.


Commercial calculations are the essential first step in risk evaluation; they are necessary but not sufficient to define total chain risk. Supply chain analysis must go beyond piece part cost to include Intellectual Property (IP), IT, criminal, terrorist, cyberterrorist and environmental issues - and their interactions.


Good supply chain analysis on the manufacturing downstream and outsourcing upstream must be an all-source risk analysis effort in order to preempt strategic surprise.


And in order to be effective, risk guidelines must be harmonized between downstream manufacturing and upstream outsourcing. Too often they proceed in isolation, or risk guidelines of either or both are faulty.


 Why steal COTS products or processes?



Targeting countries appear to wait for a successful US commercial application of a technology before seeking to acquire it as the kernel of capability for military use is often contained in the commercial variant. An airborne IR sensor is a good example that applies to all dual-use technologies.

I would stress that "failed" applies to collectors' time horizon and that the early securing of a commercial variant will act as a "gap filler" in both their defense and commercial posture and will act as a development seed in their research institutions.

As developed countries suffer legacy drag as we do, preferring not to change computer systems when an upgrade is needed, they target absorbable enhancements. Not so encumbered developing countries will attempt quantum leaps in capacity by acquiring newer, more advanced systems... more

Similar mitigation trajectories: Intellectual property theft and quality



I had the opportunity to share some opinions on the impact of intellectual property (IP) theft, some already posted to this list, with a large, global supplier of parts and subsystems that was known for its production and quality focus but it had not been clear to me that the supplier was also ahead of many of its peers in its understanding of the diversion risk that it and its subsuppliers faced in certain regions.

I mentioned certain points from Hemorrhaging intellectual property to Asia, notably that on the established industrial side:

[The] OEMs (Original Equipment Manufacturers at the top of their respective supply chains) have been virtually ordering their suppliers explicitly or implicitly to China (a) to produce lower cost products for resale back to the OEM or one of the subsuppliers in the chain, or (b) support OEM plants in-country. The demand for cost reduction is the pole star. Our prediction is that the OEMs, whose hubris leads them to mistakenly feel themselves above the risk horizon, will not protect their suppliers as new Chinese or other low-cost country providers come on line and will shift purchases to those new firms, hollowing out their own industrial infrastructure, even as OEMs press those same suppliers for cost reductions on a year-to-year basis.

To this, I added that since the OEMs had financial pressures of their own and would not relent in their demands for immediate direct cost reduction such that the supplier had no opportunity to not go to the desired low cost area, that it was up to the supplier to address the incursions against the intellectual property of their firm and the subsuppliers in any critical path of their supply chain... more

The defender's dilemma: common threads in exploiting commercial supply networks

We devote substantial research to asymmetrical warfare exploits involving COTS (commercial off the shelf) openly available dual-use equipment and processes... Tools and weapons derived from such sources are perfect tools "for the asymmetrical warrior, and devastating to US commercial and military installations."

It is a truism in every COTS weapon system production capacity that we investigate that investigating authorities place self-imposed blinders upon themselves, too often assuming that their opponent is a mirror image state opponent, such as Russia, or state-sponsored opponent, such as Libya, and thus compelled to access the same production base, employ state-of-the-art production processes, assume a continuous production level when manufacturing is involved, observe common industrial manufacturing and recovery processes, and expect similar military delivery means.

Just as military forces habitually look for mirror image adversaries instead of an asymmetrical opponent exploiting a key weakness that you have overlooked, so does the FBI too often look first to new, retail commercial purchase instead of looking for "good enough" components from the used, resale, internet, closure, overstock, bankruptcy, or theft sources. The perp's goal is path of least resistance and not path of greatest production... more

Invisible reallocation of supply chain vendors based on perceived threat to buyers



It has been my experience that while many industrial firms have made a strategic IT commitment to the likes of Microsoft or Cisco in volume purchases that significantly lower the per seat product cost, they exhibit a very different -- lower and more transient -- loyalty to the suppliers in their product supply chains.

Based upon our work in the automotive sector, we can say that OEMs (Original Equipment Manufacturers) -- or vehicle manufacturers -- in this relentlessly cost sensitive sector have less than rigid loyalty to suppliers and certainly feel "hostage" to certain suppliers, especially those suppliers who dominate the market in a specific part/subsystem or even a high percentage of overall industry production to all OEMs. OEMs are reacting by reallocating their part production awards to other than the industry leader, irrespective of that supplier's ability to provide a technically and financially acceptable component.

This does not mean that OEMs will award business to firms with substandard performance, quality, and robustness, but rather that they will select among a group of suppliers capable of providing a peer level of performance in order to reduce the dominance of particular suppliers in critical market subsystems. I hasten to add that "critical" may be based upon internal OEM criteria not available to the supplier who would otherwise presume that they have the business based upon being the incumbent supplier offering a competitive cost and functional bid for a subsequent model year... more

When clients for risk assessment/risk pricing take on a risk of their own


While virtually every risk client will subscribe to the idea that there is added value in managing risk, i.e., shifting from the default condition of accepting risk to the pricing of risk though such mechanisms as mitigants, offsets, and transfers, the client rarely sees themselves as among the criteria of risk. Risk clients commonly divide themselves into one of three categories:

  • Finance/risk managers without operations skill
  • Finance/risk managers with operations skill
  • Operations/in-country managers ... more

The merger of Inability to distill, Not invented here, and Competitive bad advice



The merger of Inability to distill, Not invented here, and Competitive bad advice give rise to a persistent condition we see among many that are party to risk assessment or risk pricing: Deming's "They don't know that they don't know." Furthermore, there is little time to teach them, especially without causing embarrassment to one party or another.

Under Inability to distill, I had noted that they "can't analyze what they have," and so lapse into the condition of being "better informed without the ability to act." This is the crux of the operable decision problem, i.e., they do not "see" the data in first instance, do not see context, do not see relevance, do not see pattern at any time, and do not see patterns maturing over time. They are deprived of a meaningful means of prediction... more

Brief introduction to China risks


Before turning to a brief introduction to China risk, space limitations in the previous post required that I defer the operational component.

Operational, in-country side of the commercial client:

1. These people are close to the problem and bear the pain

They are often the wariest depending upon their corporate structure and whether true P&L responsibility resides at this operational level. A reasonable indicator of local control would be a local partnership or other tax effort that limits US asset consolidation.

2. They feel risk keenly in all aspects of the business

While this is true, situations vary as to whether it is more effective to approach the financial/risk group or the operations group -- even if on-the-ground people have contracting authority. Working with operational units can be daunting if the financial/risk group is in denial (see part 1) as any counter-corporate views quoted by local operators, and sourced back to us, complicate our ability to support the client... more

Starter questions to begin -- just begin -- to understand country risk



Here is a starter list of questions for the novice to begin -- just begin -- to understand the risk in your country of interest. Or you can charge in with your risk unmeasured and unpriced. Many do.

1. Judiciary

  • Is there an independent judiciary?
  • Is there a mechanism for independent arbitration?
  • Is the country subject to bilateral treaty with the US?

The PRC does not have an independent judiciary.

2. Intrastate conflict between state, province and enterprise zones

  • Which country to the casual observer seems more risky?

You can never, ever judge this from afar. Yes, there is enormous interference from Beijing and enterprise zones, but substitute the relevant government agency, and this pertains to almost any almost-developed nation; even democracies like India, Argentina, Brazil, and Australia that to the uninformed may appear benign or less risky... more

Refining a China forecast



Continuing our effort to refine a prediction for Chinese economic direction, I believe that China will:

(1) Increasingly digest and take advantage of foreign technology to create increasingly effective and efficient local products (and only then will it more rigorously enforce anti-piracy laws -- akin to what Japan is now doing in such areas as flat panels)

(2) Go beyond commercial, increasingly commodity products to embed unique Chinese standards that bar or slow foreign entry, i.e., increasing Chinese price-volume curve efficiencies while damping foreign efficiencies and denying revenue to Chinese competitors (e.g., DVD, CMDA, PC chipsets, Red Flag Unix, encryption algorithms)

(3) Continuing reduction or elimination of foreign royalty payments for any and all products - a corollary to (2) - be they products made for domestic Chinese consumption or export (the recent Microsoft contract cancellation is a mere tip of this iceberg)... more 

Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains, Part 1



Suspected human-to-human Avian Flu H5N1 transmission has occurred in Vietnam, and is the kind of trigger news that could launch the epidemic/pandemic "event" noted in The flu season not yet underway and uncomfortable signs that 'when, not if' is shifting to 'soon, not when'. Worse, the lack of reliable or widely available tests may be masking other cases. H5N1 is vastly more fearsome than SARS (Severe Acute Respiratory Syndrome).

In the case of SARS and now Avian Flu, governments are voting short term economic gains, reducing the flow of accurate infection information, impeding inspection by foreign epidemiological staff, and forestalling destruction of infected fowl, thereby blinding themselves - and us - to the tipping point of a pandemic.

Independent actions by local, regional, and national governmental entities effectively conspire to make the situation opaque. Vietnam, Thailand, and China are now repeating news suppression and denials in avian flu animal-to-human and human-to-human transmissions... more

Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains, Part 2



Host nation (PRC and HK) "Public" or core event hierarchy:

  • Restaurant activity
  • Public small to medium group activities
  • Mass transit
  • Tourism revenue
  • Airline revenue
  • Service industries (restaurants, hotels, airlines, cinemas, and theaters)
  • Host nation quarantine commences
  • Service industries suppliers (air navigation services, wholesalers, food providers)
  • Discretionary products (notably luxury goods)
  • Global airport sales of all items
  • Foreign (offshore) quarantine rises
  • Host nation quarantine methods increase in intensity
  • Host nation (PRC) mismanagement of news/story continues
  • 'Phonecam nation' collects and provides data about virus spread to unofficial databases beyond government control
  • Asian markets/indices... more

Cost pressures on supply tiers prompt loss of supplier intellectual property



Suppliers worry that design reviews by an OEM prior to contract award are efforts to extract price concessions, extracting information to compare (1) proprietary cost buildups and (2) ideas among competing suppliers. OEMs, for their part, may be mistaken in asking the supplier for full disclosure of the supply chain during this period of minimum trust and maximum fear, a more common occurrence among the three "US" OEMs than Toyota or Honda.

In reality, the supplier has often not gone to the cost and effort to fully detail the part. OEM staff profess outrage when they 'find out' this is the case. We ask them what they expected. Would they not do the same were circumstances reversed?

The following [sanitized] exchange involves AutoCo and CarCo, two automotive OEMs, MetalCo, a Tier One supplier, and MasterCo, a related subsidiary. AutoCo is under financial pressure to produce improved results. Such pressure always creates hot spots under excruciating demand, to the point of program cancellation and (participant) job loss... more

Lenovo's transition to Dell and HP peer competitor should be measured in months rather than years



Market Assumption: The transition period between (1) Lenovo's purchase of IBM's PC group and (2) the appearance of robust Lenovo desktop and laptop products (products that challenge the likes of Dell and HP) is to be measured in terms of years.

Our Forecast: The transition period between Lenovo's purchase of IBM's PC group and the appearance of robust Lenovo products is far shorter than what the perceived wisdom (years) would indicate. The transition could easily be accomplished within twelve months, less with a more concerted effort, requiring little or no additional dependence on intellectual property (IP) diversion.

Rationale: Lenovo has already positioned itself to climb out at the top of the electronics supply chain. It lacks only in brand and distribution (both of which it believes it has purchased). Pricing pressures in the electronics industry are no less fierce than those between automotive manufacturers (OEMs) and their Tier One suppliers.  Dell, HP, and IBM, among others, have placed unrelenting pressure on their Taiwanese suppliers for price reductions.  It is understood in the sector, but seems not to have reached the level of actionable risk analysis, that this pricing pressure has driven much "Taiwanese" electronics to China with supplier badging remaining in Taiwan. (See activity location 2003 versus 2006.)... more

Pan-industry “beggar/maker-prince/maker” initiatives in supply chains



Enter Intel, a chipset manufacturer that is promoting "white box" (generic PC) and "white book" (generic notebook) devices using generic designs, cases and hardware modules. Intel's intent is said to be the creation of a family of more compliant suppliers and so escape their current vulnerability to the two US giants - Dell and HP. 

Intel seems to be pursuing an approach that mimics the "beggar/maker-prince/maker" process that we see emerging among US automotive OEMs.  (As Intel provides roughly a fifth of the world's server products (at higher margins than PCs) and so competes with their server customers, it may be to Intel's advantage to suppress their current troublesome generic PC vendors while created a wider market for their chip sets.)

For those readers unfamiliar with beggar/maker-prince/maker, we see OEMs in a number of sectors, automotive included, that perceive themselves increasingly captive to powerful Tier One suppliers. To escape that burden, we believe that the OEMs are in the process of elevating smaller suppliers (making princes out of serfs) while taking business away from the leading suppliers for future models (making beggars out of kings).  The result in both automotive and electronic market sectors is to leave the top of the manufacturing tier in stronger control of its supply chains... more

Implications of absence of liability: shifting the cost from perpetrator to consumer and bystander



Absence of liability in software design and data aggregation share a common theme: The absence of liability or responsibility for human action in any system leaves a massive open loop in which damaging action is allowed to rise, and to continue, without impact to the perpetrator's finances, equity and reputation. The unregulated impact of such action is a form of collateral damage to consumer and bystander as the cost to correct wrongful action or inaction is transferred to them.

The politico-economic system is as much at fault as are the perpetrators as the latter are only responding to the risk-reward calculations that the system presents them. If I am producer of product, tangible and intangible, and am not held accountable for the quality of those products, I will devote more attention to 'features' than to the quality of those features. If I am an aggregator of information and not held accountable for the security and accuracy of that information, I will focus on gathering/acquiring more information and designing data mining tools to exploit that information than to securing and updating that information. In both cases, it comes down to the consequences of shabby 'product.'... more 

At what point does a decision maker bound the system that describes options with the least destructive outcomes?



Just as customers had to "take either the horse nearest the stable door or none at all" from Thomas Hobson's livery stable, so must Microsoft decide between stopping piracy revenue loss or driving clients elsewhere or indirectly propagating vulnerable installs; and the US must decide between US-EU cooperative agreements that permit transatlantic technology transfer underlying cooperative programs such as the Joint Strike Fighter (JSF) or accelerated EU, principally French and German, arms exports to China.

Choices in complex systems are increasingly maddening, and in geopolitical systems those choices can have disastrous consequences. Many have written on the short term thinking of certain political elites that lead to an endless string of unintended consequences, so I am not the first to suggest that setting width of scope and length of timeline is essential in defining a solution space with the least damaging outlines. (Whenever clients task us for a solution to an especially vexing problem, we find that the solution space is not large enough to define a solution and that we have to widen the solution space, i.e., reset scope, in order to define one or more solutions that can be presented to the client for evaluation.)... more

China: a planners' preference defense industry succeeds in spite of systemic shortcomings



China's military-industrial complex is a study in contrasts. Effectively unique in the third world/developing world in that it produces a complete range of military equipment that includes "small arms, armored vehicles, fighter aircraft, warships, submarines, nuclear weapons and intercontinental ballistic missiles; is one of the oldest and largest defense sectors, yet faces system shortcomings that have evinced difficulties in "translating theory and design into reliable weapon systems":

  • Technologically backwards defense industries (much indigenous design equivalent to 1970s-1980s technology
  • Critical R&D gaps (aeronautics, propulsion, microelectronics, computers, avionics, sensors and seekers, electronic warfare, and advanced materials.
  • Systems integration and program delays
  • Inefficient, wasteful production dogged by excess capacity
  • Consistently poor production quality control
  • Small and sporadic production runs
  • Inadequate funding
  • Centralized and personality-centric production management leading centralized, hierarchical, bureaucratic, and risk-averse state-owned enterprises (SOEs)... more

The world is flat save for the depression that we occupy: Friedman on global opportunity and competition



The head of Infosys (India) told Tom Friedman that "the playing field is being leveled" as decades of massive investment in technology, computers, global broadband connectivity, education, communication and information processing tools created a condition in which "countries like India were now able to compete equally for global knowledge work as never before -- and that America had better get ready for this."

Friedman made a great tag line leap from 'leveled' to 'flattened' to 'flat' with the observation that: When the world is flat, you can innovate without having to emigrate. The impacts are enormous in terms of economic, political, military, and demographic changes at the level of shocks - and an inability to predict when and where those leaps will occur... more 

Supply chain paradigm shifts: read the tea leaves and add minor twists



Chrysler's consideration of a Chinese JV to make Chrysler vehicles in China and export them to North America and SeaCode's intent to anchor a used cruise ship converted into a 24/7 floating programming factory off the US coast are seen by some as a shock, a new departure, but are in reality a tweaked progression of trends already in motion.

DaimlerChrysler's 'export Chryslers' made in China

DaimlerChrysler's effort is an attractive proposal to a Chinese firm in that it:

  • Builds a new substitute supply chain in China for "a totally new [DCX] segment"
  • Provides technological assess to the technology and design of that new segment
  • Offers an early export exit path against other Chinese competitors
  • Reduces buyer reticence as the Chinese vehicle is sold as a 'Chrysler' and not as an unknown Chinese badge
  • Provides an opportunity to intimately study Chrysler marketing and brand awareness process (much like two of China's largest state-run tobacco companies will do as part of permitting Altria/Philip Morris to manufacture and sell Marlboros in China)... more

Supply chain paradigm shifts, part 2: SeaCode's floating Maquiladora



Continuing our review of 'tweaked progressions of trends already in motion,' SeaCode's very near offshore seaborne platform solves a number of nettlesome problems:

  • H1B visa requirements avoided by anchoring the vessel outside US territorial jurisdiction
  • Lack of communication and poor program management that dogs so many offshoring projects is remedied by clients being a short water taxi ride away while the vessel is always within the client's 'day' window for telephone access
  • High performing programming staff as I wager that good programmers and engineers will vie for the 600 positions if the pay and working conditions remain as advertised
  • High output as teams will work in team "pods" of overlapping shifts, thereby shortening development time
  • Higher security and potentially better intellectual property (IP) control
  • Total costs to clients are commensurate with genuinely offshore project costs but a goodly portion of costs are envisioned to revert to US firms and coffers
  • Client staff trips to offshore destinations for project collaboration conferences are eliminated... more 

Commercial blindness: a "twofer" attack on the Indian state and US and European outsourcing assets



One must wonder how inattentive major US outsourcers can be, and how 'missing in action' that major consultancies such as Forrester can be, so as to not recognize the physical threat to core outsourcing facilities in India. Perhaps it is the mere continuation of the lesser lapse of failing to factor intellectual property (IP) theft risk in supposedly low cost areas. (See Intellectual property theft: the unspoken unknown of offshoring.) Even more curious is the effective absence of concern by Europeans who would normally have an attentive ear to the near and middle east. (The UK has a term EMEA for Europe, Middle East, and Africa to describe their version of the 'Near Abroad.')

The threat to IT and outsourcing assets in Bangalore and Hyderabad should be taken seriously despite the bland denials from Indian authorities who are understandably anxious to protect what amounts to the core of Indian economic revival... more 

Threat of H5N1 avian flu pandemic rises to point that business must actively consider contingency plans



The threat of an avian flu H5N1 human-to-human outbreak - which holds the specter of a global pandemic - is now at a point that I submit that firms that do not address the potential impacts to their global supply chains are at a point between a near total supply chain interruption and fiduciary breach. This is cheap prose to firms that are struggling with financial and competitive demands and who can rightly retort that they are no different from the federal government in ignoring the rising warnings from WHO, CDC and others. The supply chain impacts, leave aside the death toll, are going to be stunning. I draw readers to a January 2005 two part series, Using SARS to predict H5N1 Avian Flu impacts on regional & global supply chains.

The tipping point could occur at any time but the forthcoming fall flu season could see the crossover from avian to human transmission as many of those falling prey to human flu chance to be in proximity with animals and birds with avian flu. Once genomic reassortment occurs in one or more doubly infected humans, the game is up for an unprepared globe. SARS was a cakewalk as a disease vector as it is actually hard to transmit in comparison to H5N1... more

Threat of H5N1 avian flu pandemic rises to point that business must actively consider contingency plans, part 2



China is again failing to provide requested urgently information and samples, this time about three outbreaks among migrating wild birds in the remote western provinces of Qinghai and Xinjiang where avian flu outbreaks now threaten all of previously unaffected countries of Central Asia and Russia... Based upon prior Chinese performance over SARS reporting, one is left unsatisfied with the Chinese response that "the infection in Xinjiang has been contained." Independent Chinese scientists that report on avian flu outbreaks are again under attack by the Agriculture Ministry while foreign researchers are quiet lest China bar them from entry. The stakes are rising as the virulence of H5N1 rises. Infected domestic flocks now die in a day rather than many... more 


Multisourcing: belated recovery of forgotten first principles



Having long held that "insultants" outnumber consultants, and mindful that certain consultancies prey upon the short attention spans of their clients even as certain clients use their consultant's opinions as 'security blanket' surrogates for omissive decision making, I am displeased that the consulting community has ridden the outsourcing pony for years and only now is actively turning on the outsourcing concept as its political and structural impacts are becoming increasingly obvious. In point of fact, the consulting community is beginning to issue a new prescription for a disease which they themselves helped to construct.

I would like to offer a realistic assessment of why and how firms outsource. Firms almost universally devolve the problem to a divisional or unit level, thus the means, omissions and results that are achieved will vary on a case-by-case basis. The upshot is that the same problem is solved in differing ways, as a colleague said, "to avoid some organizational consequence" such as cost savings, headcount reductions (which can be to protect existing staff or to get credit for any reduction), functionality (that is missing, failing or inconvenient), or at the personal level, a positive annual personnel rating (which may be measured against suboptimizing criteria). What is missing is a decision making framework that integrates global and national aspects of need, technology, business considerations, risks, scope, duration, cost implications and ultimately solutions (there is always more than one solution, depending upon the desired outcomes and the bounds of monies, mindshare, and timing available)... more 

Multisourcing: belated recovery of forgotten first principles, part 2



For those of us that come from a background of a Counterterrorism (CT) and Counterintelligence (CI) threat analysis, a Governance Model that Gartner belatedly embraces is the essence of effective performance definition, and the Design Basis Threat (DBT) becomes an integral, inseparable part of that governance model as the mechanism that informs the Command or Senior management of the types of threats it may face over time and allows them to define the threats that are in or out of scope, the level of deflection or defense that will be committed to each threat, and the cost for that level of deflection or defense. The commercial side could learn much the military in essential risk management starting with Field Manual FM 100-14, Risk Management, which is the commander's principal risk reduction process to identify and control hazards and make informed decisions... more


Failing the Manwaring paradigm: Surprise over jihadist targeting Muslim oil transport and refinery assets



The wide surprise over the public posting of a two year old jihadist document sanctioning the targeting of Muslim oil transport and refinery assets is a failure on multiple levels:

  • Failure to read already published jihadist strategy documents
  • Failure to see the rising capacity of the "new jihad"
  • Failure to transpose the value to insurgents of attacking Iraqi electrical and oil infrastructure to other Muslim "near enemy" regions
  • Failure to grasp the value of a "twofer" attack against a neutral or "near enemy" state in which the attack damages the local apostate government while damaging US and European firms indirectly -- where an attack on US soil would be prohibitive
  • Failure to understand the impacts of the Manwaring paradigm to both attacker and defender

In June 2004, I addressed an infrastructure attack in Exceeding $100 USD a barrel in a stroke: attack Ghawar, Abqaiq, and Safaniya ... more

Symbiotic and predatory relationships between immigrant migration chains and supply chains

As migration patterns have long been a staple of ethnographic research, I have begun to extend the term 'Migration Chain' as an analog to Supply Chain in that they form symbiotic relationships and can be another predictor of future events. Reflecting over the Latin migrations into the US which I am coming to broadly class as legal, illicit (immigration), and illegal (criminal), while admitting to some fuzzy boundaries between legal and illicit, if nothing else, for getting in illicitly and then having one's child born here. These migration patterns have both sheep and wolves. Here are the sheep... more 


Double edged sword of optimizing China-based and US/EU-based supply chains



Bleeding our China-monitoring interests over to logistics, I highly recommend two articles by George Stalk at BCG on the trade-offs between China-based and North American-based supply chains. The first is the HTML article from Supply Chain Management Review, Surviving the China Riptide, and the more developed PDF article from BCG, The China Rip Tide: Threat or Opportunity? Stalk portrays the scope of the problem in trying to improve China-based chains as reaching epidemic proportions... more

Chinese mercantile absorption of Sub-Saharan and East African infrastructure, energy, mining, development, political and military



Robert Mugabe and Zimbabwe are actually a stellar recommendation for China among African elites, i.e., no matter how despotically my clan and I behave, China will be my protector and lender of last resort against the international community. No one in the West is able, or willing, to make that bargain. I have the luxury of remembering a prosperous Rhodesia under Ian Smith, his UDI (Unilateral Declaration of Independence) from England, the rise of two black parties - Zanu (Zimbabwean African National Union) under Robert Mugabe and Zapu (Zimbabwe African People's Union) under Joshua Nkomo, the creation of Zimbabwe, the marginalization of Nkomo, Mugabe's period as a post-colonial liberation hero, and the trajectory of decline to what is now a prison camp of a nation. For those readers unaware of the sinkhole that nation has become see Frontline's Zimbabwe: Shadows and Lies. Were I an up and coming clan leader bent on control, I'd pick China... more


Globally dispersed, indigenously sited communities of terrorists upgrading to locally produced chembio agents



The marriage of John Robb's GLOBAL GUERRILLAS IN THE UK with my Designer bioagents: Why a potential Iranian, or existing Pakistani or DPRK, nuclear weapon does not overly excite me creates the terrorist chembio agent landscape that the UK's head of MI5, Eliza Manningham-Buller, has elected to describe in a rare public address.

Manningham-Buller uncloaked to "set out my views on the realities of the terrorist threat facing the UK in 2006; what motivates those who pose that threat; and what my Service is doing, with others, to counter it"
... more


The continuing strategic failure to address our slide in Pre-K through 20+ education



During the preparation of Islamic flashpoints: Even adjustments may be outside Western control,... which was a requested deeper dive on Iraq, Iran, Syria, Lebanon and Palestine from the survey of Colonial/Western-Arab relationships in Islamic territory from North Africa to South Asia: No solutions, only adjustments,... I found myself frequently thinking of vital national issues that have been neglected as Iraq continues to divert US attention, manpower, diplomacy and money to Baghdad:

  • China's growing mercantile net
  • Russia's kleptocracy class armed with the energy weapon
  • Eclipse of US dominance of technologically sophisticated, major weapons systems
  • Pre-K through 20+ education
  • Conservation policy and conservation technology
  • While it is transient - resolving the Republican struggle from the Bush Family struggle

In keeping with my view that 'The hole is as good as the donut,' that is, a thoughtful observer needs to look at what is missing as well as what is present, I opened the presentation with these six issues as I felt that they increased the gravity of the Iraqi situation in particular and the Middle East in general. It is one thing to be succeeding in Iraq, Afghanistan (we were, but we relocated attention and assets to Iraq and have likely lost it as well) and the Middle East so that one could argue that the tradeoff was worthwhile, but it is quite another to be singularly failing in those conflict areas as well as neglecting strategic areas of need... more 

Deducing IP collection targets among military, commercial and dual use applications from Chinese science and technology core competencies



The identification and analysis of the science and technology core competencies of China permits much deduction, from a targeting standpoint, of Chinese interest against foreign military, commercial and dual use technologies. A first in the unclass area, this Office of Naval Research (ONR) comparative effort contrasts the impact/quality of all of China's research (versus India and Australia) and research investment emphases/strategy (versus the US); Its algorithmic data is of interest to those of us interested in automated search.

This analysis has rising interest as China surpassed Japan in 2006 to "become the world's second highest investor in R&D after the United States"
... more


Chlorine is only the beginning of a spectrum of instant asymmetrical chemical weapons



A chemical weapon (CW) in the hands of an asymmetrical attacker or terrorist will generally not be 'WMD-scale,' certainly not in the context used in connection with Iraq under Saddam Hussein and OIF, but it will be a chemical weapon nonetheless. (Under current (but not future) means of delivery, the most likely "WMD chemical event" will be the placing of conventional explosives in an existing chemical plant.)

We must recalibrate our definition of a chemical weapon in order to understand how a terrorist can add chemical leverage to their attacks, likely using one or more items (mixtures greatly complicate defensive responses) drawn from local industrial chemical and pesticide stocks. In conflict situations where hazmat protection greatly complicates combat operations and/or local infrastructure is inept or unprepared to deal with chemical events, a simple chemical additive (even a benign additive if the defenders momentarily believe it to be a chemical additive) can be a significant force multiplier - directly against combat formations and indirectly against domestic public opinion... more

Informationalization in Chinese military doctrine affects foreign commercial and military assets



Informationalization, the computerization of business, industry, and military, has entered Chinese military thinking in earnest, affecting both foreign commercial and military assets. US and EU commercial assets have already suffered serious predation from Chinese military assets and Chinese commercial assets operating under military direction.

In the absence of a US counter-cyber warfare strategy, Chinese IT technologists enter all but the most secure US systems, exceeding the limits of passive examination and surveillance. Naval Network Warfare Command (Netwarcom) and others observe... more

Prediction: the Cisco-Huawei IP debacle repeated itself with Denso, and likely for the same reasons



In briefings three years ago to some of the largest tier one automotive suppliers, we forecast that Toyota/Denso would be the wholesale Automotive OEM target for IP theft as it was one of the few (the only significant) OEM that retained the capacity to design and manufacture everything that they purchased. (All other OEMs were in the process of surrendering their production technology via joint ventures so the only items worthy of hostile collection were their vehicle designs, preferably the mathdata CAD files thereof.) Another forecast was that any Toyota/Denso JV with a Chinese entity would be an IP siphon to the Chinese. The first forecast has now come true, and is likely only the beginning of the loss. The second is undoubtedly in progress.

In March Kyodo News reported that a Chinese engineer, Yang Luchuan, 41, at Denso's facility in Kariya, Aichi Prefecture, was suspected of "embezzling [Dowjones prefers "stealing"] information on about 1,700 types of products, including sensors and industrial robots [of which] about 280 types were considered top secret by the company."... more

The Mu shu pork Index for predicting Chinese propagation of inflation



If you manufacture product in China as part of your global supply chain or purchase Chinese products for inclusion into your manufacturing or processing efforts, you should pay attention to what we are calling the Mu Shu Pork Index in the spirit of the Economist's Big Mac Index (1986) and Starbucks Tall Latte Index (2004). But whereas the Big Mac and Starbucks Indices are based on the theory of purchasing-power parity (PPP) that argues that exchange rates will, over time, equalize the price of identical baskets of goods and services in any two countries, our Mu shu Index will define a basket of effects that will flush rising costs and inflation through the Chinese economy and out into the global supply chain that absorbs Chinese product... more

A China facet: Defective materials and products driven by greed and ineptitude



Our clients are familiar with our longstanding forecast of Chinese 'thrifting' in materials, coatings and platings, more so when they occur on interior surfaces, on in internal components, where testing is more difficult. Such thrifting occurs frequently in Chinese supply chains, often evidenced by multiple, substandard parts from different suppliers in the same subassembly.

This thrifting is matched by an aggressive IP theft/harvesting by the Chinese as these same materials areas are key to significant cost and structural improvements in sectors such as autos and elsewhere. Often the US/EU supplier possessing these skills is a tier two or three almost completely unaware of the attack. This bifurcation is understandable as the thrifting and the thefts are being executed by different entities with different goals in the greater Chinese supply chain. No one ever said that China was not a land of contrasts. Unrecognized by many, the risk has been there... more

Trends point towards Mexico's destabilization



How will you deal with the assassination of Calderon?: A working example of all-source risk analysis was my quickly assembled presentation when asked to step in and address the monthly meeting of the regional NAPM (National Association of Purchasing Managers) chapter this September.

I chose the title purposefully even though I might be accused of "profiting on assassinations and other terrorist acts" as was DARPA's Policy Analysis Market (PAM) futures market which actually was a superb idea designed to trade in, and gather knowledge of, "things that the US and incidentally the target country would be deeply interested in."

As an all-source risk analyst, I know that supply chain analysis must extend beyond mere commercial aspects, that while commercial calculations are an essential first step in risk evaluation, they are necessary but not sufficient to define total chain risk. Intellectual Property (IP), IT, criminal, terrorist, cyberterrorist and environmental issues - and their interactions - must be included... more

Confluence of thinking on Chinese outsourcing and supply chain risks from DSB and USCC


Rather than selling US securities, consider China restricting microchip supplies to the west at a critical junction (which would hit Taiwan, the current global producer of electronic componentry). This is no more implausible than Russia restricting energy flows to the Ukraine which despite the repercussions remains a viable distress option. (Think of combining securities with chips.)

Consider a foreign nation-state or its proxy embedding malicious code somewhere in a software developer's global outsourcing tier. (If bugs get in, certainly purpose-crafted malicious code can get in.) The state actor can be camouflaged by the nationality and location of its proxy. Think of the implications of the Defense Department "inadvertently outsourcing the manufacturing of key weapons and military equipment to factories in China."... more 

The triple canopy of infection, birds over cats over pigs cascading feces, urine and DNA, returns



I've appropriated the tropical term triple canopy forest (also here) to describe the triple canopy of infection prevalent in China and Asia, birds over cats over pigs cascading feces, urine and DNA to a new 'forest floor' on traditional wet markets (photo, video) where recombination can work wonders in proximity to man. Similar cage stacking of wild and domesticated animals was widely seen in the SARS epidemic:

SARS, or severe acute respiratory syndrome, first appeared in China in 2002. It spread widely in early 2003 to infect at least 8,098 people in 26 countries, according to the World Health Organization. The disease died out later in 2003, and no cases have been reported since.

A refresher on SARS, including its timeline... more

In-the-wild attacks against electrical utilities coupled with extortion demands: implications for response to criminal and terrorist action


CIA announced what appears to be the first, documented in-the-wild successful SCADA (Supervisory Control and Data Acquisition) attack against utilities infrastructure. Surely more to follow but with the agency making the announcement, it appears to be a concrete example unlike the staged attack against a captive diesel powered generator (video, text, more text):

US Central Intelligence Agency senior analyst Tom Donahue told a gathering of 300 US, UK, Swedish, and Dutch government officials and engineers and security managers from electric, water, oil & gas and other critical industry asset owners from all across North America, that "We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

Said to be "virulently allergic to hyperbole," Donahue would not have made a public announcement, nor would the agency have granted permission, "if he didn't think the threat was very large and that companies needed to fix things right now."... more

Themes and variations in Chinese and Indian Intellectual Property protection


Protecting your Intellectual Property in China and India was produced in response to GlobalAutoIndustry's request to contrast issues in Chinese and Indian Intellectual Property protection as part of China and India: Decreasing Costs Across Global Operations, a look at factors, advantages and concerns in Low Cost Country Sourcing (LCCS) to these automotive and component manufacturing areas.

Readers can treat China and India as the 'low cost is not low risk' abstract to separate presentations devoted to each country... more

Submarine fiber optic cable breaks: a study in hysteria and ignorance against analysis



The global submarine fiber optic network almost perfectly mimics the global electricity grid in its inability to mount any reasonable defense against attack. (I say 'almost' as the fiber optic industry is far less aware of its being a target than is the electricity grid.)

Here is Richard Clarke in 2000 speaking of cyberwar as "a threat that US government cannot defend solely by federal means"... more

Supply chain blowback of cocaine production hopping the Andes to Argentina and Uruguay



In attempting to study the unintended blowback of forcing cocaine production to move from Andean states to Argentina and Uruguay, it is not new news that:

  1. Cocaine production shifted to Argentina and Uruguay because of an ill-thought-out restriction of precursor chemicals entering Bolivia which drove starved cocaine production east where the precursors were cheap and easily available - and actually improved shipping costs to Europe.
  2. Byproducts of cocaine production had long ago ravaged the poor of Bolivia who could not afford the higher order product, cocaine.
  3. The byproducts of this migrated production has been ravaging the poor of Argentina and Uruguay for five years.

The news value of this note is occasioned more by the intersection of... more

Semi-autonomous "killer robots" are already within reach of asymmetrical attackers


As part of my work revolves about inverting toys, technical gadgets, and industrial "found objects" into asymmetrical weapons, I was attracted to Noel Sharkey's presentation at RUSI's The Ethics of Autonomous Military Systems as well as his earlier efforts in venues such as Robot Wars and Techno Games. I have come to see Sharkey inhabiting the intersection of engineering, the application of engineering and ethics of application... more


Asymmetrical air force opportunities in interstate and intrastate conflict



This asymmetrical air force series rose from a recognition of the operational similarities between the Air Tigers of the Liberation Tigers of Tamil Eelam (LTTE) against the Sri Lankan government and the Biafra Babies of the secessionist Biafran Air Force against the Nigerian government, forty years earlier. Apart from the "convergent evolution" of their operational profiles, there were also important differences in sourcing aircraft, pilots, ordnance and maintenance, not to mention understanding the value of going offensive against a superior power in an audacious, headline-grabbing manner.

The exercise to optimize the best characteristics of these asymmetrical attackers while reducing the retaliatory effect of the superior power leads quickly to Unmanned Aerial Vehicles (UAVs) operating in place of, or along side, manned aircraft... more 

Intellectual Property (IP) risks in Brazil and Mexico



Protecting your Intellectual Property in Mexico, Brazil and China was a recent presentation done in response to a request to compare IP risks in key Western Hemisphere states with those in China. As it is difficult to address three such diverse regions in a short presentation, readers are recommended to also look at:

The Brazilian IP risk is new to the list as it contains:

  • Unique Brazilian characteristics
  • Brazil as a mixed threat environment
  • Condition of ungoverned areas, ill-equipped lawenforcement agencies and militaries
  • Endemic IP abuse environment
  • Moderate anti-IP intellectual environment
  • Pressure to remain preferred Southern Cone regional automobile supplier
  • Brazil as part of China's mercantile strategy
  • Brazil's attractive IP targets... more

Foreign vulnerability inherent in US globalization of its commercial and defense supply chains


The US and, and to a lesser degree, Europe have lost control of their defense and commercial industrial supply chains. Exporting capability rather than capacity, the US has increasingly retained only a top tier or integrator role while exporting its tier 2-tier n base. Worse, the US cannot realistically define discrete and net risk as the chains are too opaque for identification and there is decreasing ability to direct sourcing to less risky tiers.

The loss has not come without warning, especially in the seminal analyses of the mid-1980s to early 90s (much of which is cited here) and near-disaster supply chain bottlenecks that nearly sidelined front line equipment during Desert Storm (1990-91).

Having surveyed four decades of research on globalization impacts, we can state that there are virtually no metrics in open source. There are drivers and characteristics but there are no actionable metrics of sufficient robustness to pass the test of falsifiability. At a macro level we are secure that we and some others have the compass right, but actionable information about a specific chain condition and greatest risk at component at tier in the chain is fuzzy at best. Given our supply chain analytic experience, we can see the tracks of bland assumptions without the understanding of how supply networks actually work. Defense and commercial sides of the house share the same problem - insufficient granularity of analysis which if they get there they find that they do not have accurate and timely data. At this point the commercial side generally gives up. The defense side can't so spends much time... more


FBI Cisco counterfeit investigation is live fire demonstration of failed supply chain oversight



The recent bureau investigation outlined in FBI Criminal Investigation: Cisco Routers of counterfeit Cisco routers, switches, interface converters (GBIC), and WAN interface cards (WIC) is a long overdue spotlight on the failure to properly manage and assess critical supply chains. Two themes stand out:

  1. Validation of insufficient supply chain analysis at tier: From a supply chain analysis standpoint, the problem is worse that the FBI notes. If the tier 0 is the OEM or top level consumer as it is in the manufacturing sector, then the malicious entry is coming in at tier 4, not tier 3, as the “GSA IT Vendor” is the tier 1. The ‘tier 3’ to the tier 1 is thus a tier 4 to the OEM/top tier consumer and thus well below superficial oversight limits. Alternately, federal purchasing guidelines were so loose that malicious equipment could be effectively sanitized at tier 2 as noted in the eBay and federal credit card procurement paths. As noted in Foreign vulnerability inherent in US globalization of its commercial and defense supply chains, the lack of effective means and metrics had led to complacency and ignorance.
  2. Probably PLA participation at overt/covert subsidiary: From a motivation standpoint, this analyst believes that the question of “For profit or state sponsored?” is not an ‘or’ but an ‘and,’ i.e., both motives are cooperating within the People's Liberation Army (PLA) and have been for well over a decade... more

Israel was planting malicious chips in US assets before China


Reporting on the FBI investigation of Chinese counterfeit, some possibly malicious, electronics has made no mention that Israel had embedded malicious chips in nothing less than the White House phone system by 2000. Outside of members of the intelligence community and attentive technical readers of the period, this will come as a surprise, possibly coupled with the erroneous assumption of anti-Israeli bias, to many readers.


Nothing in open source then or since has convinced me that the US telecommunications network is either secure or immune to further interruption or breach. Whereas SCADA control networks, primarily for power grid generation, transmission and distribution applications (genco, transco, disco), and recently fiber optic networks have been identified as vulnerable to attack, little has been made publicly of telco vulnerability until the China Cisco counterfeits. The vulnerability of the US/EU telco network to a variety of state and nonstate actors is so great that it should be ranked adjacent to the vulnerabilities of our SCADA networks, for all applications, and fiber optic networks... more


Realistic Intellectual Property (IP) Protection in China, Updated: 26 Jun, 2008



Realistic IP Protection in China, 26 Jun, 2008, is the latest in our series on Intellectual Property (IP) threat and remediation given at the GlobalAutoIndusty (GAI) conference on 26 June.

In preparation of this particular conference, GAI asked for "What you will learn" bullet points to include in their trade press. My immediate response was this set of six key takeaways:

  1. Define IP and its loss
  2. Redefine the nature of IP loss into a workable global framework
  3. Understand the nature of supply chain "risk at any tier" as opposed to "risky countries"
  4. Learn the common "solutions" that do not work, that actually leave the user more vulnerable
  5. Overview an approach that does work, drawn from counterintelligence practice
  6. Know that most of your advisory firms are less skilled in IP protection than you are... more

Collapsing US supply chains preclude independent US action


Collapsing US supply chains preclude independent US action: The intersection of loss of supply chain control and emerging, reemerging threats is a recent presentation outlining the hollowing out of US and EU supply chains and the vulnerabilities that ensue. Current reality is defined as:

  • The People's Republic of China can prevent the US from commencing or maintaining the ops tempo of a future Desert Storm or Operation Iraqi Freedom.
  • If the PRC is the adversary, it can preclude our ability to conclude combat operations.
  • PRC has the ability to induce trap-doors into HW and embedded SW assemblies.

Hollowing of the supply base nationally has mimicked effects in the automotive sector between OEMs and their tier base: 

  • US and Europe have lost control of their defense and commercial industrial supply chains.
  • Exporting capability rather than capacity, the US has increasingly retained only a top tier or integrator role while exporting its tier 2-tier n base.
  • US cannot realistically define discrete and net risk as supply chains are too opaque for identification.
  • Decreasing ability to direct sourcing to less risky tiers.
  • Loss has not come without warning... more

Intellectual Property and Investment Risk in Russia


Individuals and firms that are used to a US or EU business and legal assumptions are at a great disadvantage in the Russian Federation. It it still difficult to listen to skilled attorneys describe an "effective compliance program" for a US and Russian relationship but the reality is that the compliance program is for the US Sarbanes Oxley, SEC, FCPA side of the relationship.


The Institute of Corporate Law and Corporate Governance (ICLG) is correct to say that "no due attention is paid to corporate governance risks" and that the "fundamental problem in the area of corporate governance in Russia is the fact that company insiders (managers and controlling shareholders) abuse their position to the detriment of minority shareholders, including expropriation of assets" through transfer pricing, asset stripping, capital dilution, restructuring/mergers, and lack of transparency.


We would add brazen cash stripping to that list but it still understates the Russian condition as things are much more fluid and opaque on the Russian side. A European colleague schooled in Russia and skilled in dealing with Russians advised thusly... more


US auto sector must immediately perform a critical path supply chain risk review



US automakers must immediately perform a critical path supply chain risk review of what interrupts first, why, and how can the effects be attenuated. To not do so - for auto OEMs and individual suppliers - is grounds for fiduciary breach. Arguments, often uninformed, over the merits of bailout versus bankruptcy, obscure this need for a supply chain risk review that becomes an operating document. The contingency analyses of such a review will be needed regardless of which path all or some of the OEMs embark...


Automotive OEMs and their suppliers form a tightly woven industrial supply network in which many suppliers provide parts to multiple OEMs. The failure of one OEM - and even a few large Tier One suppliers - will have a cascading effect on the network that will take out the suppliers that service other OEMs, furthere accellerating the industry’s decline. This unraveling will affect both commercial and defense capacity... more

Ejecting executive automotive management may or may not help; energizing the usually inert and risk averse middle management can



The calls for GM's Wagoner and others to resign are akin to the murmurs in the Coliseum for more Christians to be fed to lions. Satisfying spectacle perhaps, but in my experience, it induces lockdown in the already risk averse junior and middle management whose credo becomes one of hoping to be the last inept to be discovered and removed. As far as I can ascertain, the focus is on a few individuals and not the corporation.


Were I to fault Wagoner, it would be for three reasons... more


Gordon Housworth


InfoT Public  Infrastructure Defense Public  Risk Containment and Pricing Public  Strategic Risk Public  


  discuss this article

<<  |  August 2020  |  >>
view our rss feed