Skip to content
Search AI Powered

Latest Stories

thought leaders

Building resilience into the supply chain: interview with Yossi Sheffi

In his new book, The Power of Resilience, MIT professor Yossi Sheffi looks at how businesses can anticipate, prepare for, and respond to disruptive events.

Building resilience into the supply chain: interview with Yossi Sheffi

How vulnerable is your supply chain? What can you do to protect it from disruptions, especially those you cannot anticipate? These questions take on more and more urgency in an age of complex global supply chains, where events in one region can disrupt the operations of businesses and their customers on the other side of the world.

In his new book, The Power of Resilience: How the Best Companies Manage the Unexpected, Yossi Sheffi examines what many companies have done—and are doing—to anticipate, prepare for, and respond to disruptions that can range from earthquakes to hurricanes to cyberattacks to issues with sourcing that could harm business reputations.


The book is Sheffi's second on the topic of resilience. His first, The Resilient Enterprise, was published in 2005 in response to the 9/11 attacks. In the intervening decade, much has changed in both the landscape of supply chain risks and the implementation of corporate resiliency programs, Sheffi says. The new book looks at what companies have learned since that time and at new threats that have arisen.

Yossi Sheffi

Sheffi, a professor at the Massachusetts Institute of Technology (MIT) and director of the MIT Center for Transportation and Logistics, discussed the new book and supply chain resilience with DCV Editorial Director Peter Bradley. This is an edited and condensed version of the interview.

Q: What led you to decide it was time for a second book on the topic of resilience?

A: The first book was motivated by 9/11, looking at what companies were doing to prepare for disruption. When I started work on that book, I figured I'd begin by seeing what had already been written about this topic and I found nothing on logistics, supply chain, and transportation—in academic writing, at least. Since I didn't have any literature to draw from, I did research. I talked to well over a hundred companies. That research, which took four years and involved 30 people, led to the first book.

Then, when I was out talking to companies a few years back, more and more people were telling me, "Look, it's time for a new book because the threats are becoming more serious and more frequent, but we're also becoming a lot better at a number of new activities and processes, and (business continuity planning) has been taken to a higher level in corporations." So I put together a team and starting working on the new book.

Q: You write in the preface that we shouldn't look at this book as a sequel or a new edition of the original, that it really is something different. Tell me how.

A: It looks at a whole new set of threats that I didn't cover very much in the first book. For example, think about cybersecurity problems. Ten years ago, we were just starting to hear about cybersecurity problems. Today, "cyber" is a weapon. Many physical systems are being run by digital means and can be attacked.

It also became very important to talk about social and environmental responsibility: (the factory fires) in Bangladesh; the conflict mineral issues, which forced Intel and Apple to go to this very deep level—10 to 12 tiers deep—in the supply chain to find out where these minerals were coming from. This became a real corporate reputational risk. And, of course, there have been things like the Japanese earthquake and tsunami that changed a lot of companies' views on risk and their own vulnerability to disruption.

In the new book, I also emphasize a point that I did not make and should have made last time that people always look at the top right corner [in a quadrant chart of possible disruptions and estimations of their likelihood and impact] where the probability (of an event) is high and the consequences are high, but that is the wrong place to look. Companies prepare for these events, and as a result, although the impacts could be severe, they are not that high because companies are ready for them. I point out the really worrisome quadrant is the high-consequence/very-low-probability corner because this is the "black swan." This is the 2008 financial meltdown. This is 9/11. This is Chernobyl. These are the things that nobody expected and nobody knew how to deal with. And the question is, how do you prepare for things that you cannot even imagine, things that you don't even know that you don't know. A lot of the issues in the book have to do with general preparation or general resilience for what you can't even imagine because it never happened to you, to your competitors, or to other people in the industry.

Another change that is introduced to this framework is what I call "detectability"—the time from when you know something is going to happen to the first impact. Think of the classic example, a hurricane. You know three days before we see the storm.

But you (also) have to prepare for something that you only find out about after the fact. Think about some sabotage, some people stealing trade secrets, some cyberbug in your system.

There are a lot of new software applications that didn't exist 10 years ago that are designed to alert you as soon as something happens and tell you what the implications are, what the value risk is, which customers and products will be affected, and what problems you're going to have. I cover some of these new software applications in the book.

Q: You talked a few minutes ago about how while the risks are higher today, we have also learned a lot. What have we learned over the last 10 years that we've been able to put to work to help mitigate risks?

A: In terms of things that you can point to, such as an earthquake in an area that's prone to quakes or floods, you have to prepare for things that have happened before and can happen again. What is the communication plan? How should you notify whoever it is: the customers, Wall Street, suppliers, whatever? Who should be notified? Who should be involved in making up the plan? How do you respond?

The other side is the completely unexpected situation where you don't know what to do beyond general resilience measures. For this, you first of all have to have an emergency response operation and you have to have all the communications lines. The number one thing is what I said: You have to know who to call. Who should be the people to man these emergency operations? In a manufacturing company, it should be basically two functions, supply chain management and engineering.

Supply chain management should focus on inventory—looking at how to acquire more supplies where needed and seeking alternative suppliers. Engineering should look for damage solutions. Can we replace a component with another part? How do we qualify another part and so forth?

In general, the response should be two-pronged and involve two separate teams. One team should deal with the people. What is the impact on people? How do we find everybody? How do we deal with our suppliers? The other team should deal with business continuity issues. Because otherwise, depending on the nature of the team, they pay too much attention to one or the other.

Q: Let me go back to risk assessment for a moment. You talked about Intel and how deeply it had to dig to find out where its minerals come from. How does a company find out the risk deep in its supply chain, in its tier three, four, or five?

A: Oh, there was talk about a tier 12 or something. Anyway, Intel learned that four metals used in electronic products might be "conflict minerals," metals that have been mined under conditions of coercion and violence, and mobilized a team to ensure that its operations were "conflict free." The first question was, "Are we using conflict minerals?" But nobody knew. So the company started going backward in the supply chain, and it realized that it had to go back to about level five or six. Beyond this, you cannot tell where a material is coming from because the supplier gets it from multiple sources and just mixes it all together.

Intel decided to focus on the smelters and make sure the smelters' brokers only bought from approved mines. The thought was the company was not going to buy anything from mines in the Democratic Republic of Congo, but that would just throw hundreds of thousands of people out of work in a very poor country. So it couldn't do that.

So then it went to the smelters and tried to convince them to do it, but the problem is, as big as Intel is, it is not a very big customer of the smelter. And the smelter says, "I am not selling to you. I'm selling to some broker who then sells to another customer, who sells it to some other company." So Intel put together an industry consortium [the Electronic Industry Citizenship Coalition]. And it paid the smelters to qualify certain mines so it knew where minerals were coming from. It took Intel years, by the way.

Q: One of the arguments you make in the book is that by looking at your risk, by preparing for risk, you actually strengthen the entire enterprise. Expand on that a bit.

A: For an example, there is Intel. It had to map its entire supply chain. Knowing who the people upstream are, you not only get risk protection—the sense that if something happened to one of them, you know what the implications are—but you also learn more about what's going on in the supply chain. You start understanding your own supply chain a lot better, which always brings good things.

The Latest

More Stories

plane hauling air freight cargo

Global air cargo rates reached 2024 high point in November

Worldwide air cargo rates rose to a 2024 high in November of $2.76 per kilo, despite a slight (-2%) drop in flown tonnages compared with October, according to analysis by WorldACD Market data.

The healthy rate comes as demand and pricing both remain significantly above their already elevated levels last November, the Dutch firm said.

Keep ReadingShow less

Featured

containers stacked at a port

Supply chain execs wary of three trends in 2025, Moody’s says

Three issues ranking at top of mind for supply chain executives in 2025 will be supply chain restrictions, reputational risk, and quantifying risk exposure, according to Moody’s, a global integrated risk assessment firm.

Each of those points could have a stark impact on business operations, the firm said. First, supply chain restrictions will continue to drive up costs, following examples like European tariffs on Chinese autos and the U.S. plan to prevent Chinese software and hardware from entering cars in America.

Keep ReadingShow less
youngster checking shipping details on smartphone

Survey: older generations are unaware of holiday shipping deadlines

As holiday shoppers blitz through the final weeks of the winter peak shopping season, a survey from the postal and shipping solutions provider Stamps.com shows that 40% of U.S. consumers are unaware of holiday shipping deadlines, leaving them at risk of running into last-minute scrambles, higher shipping costs, and packages arriving late.

The survey also found a generational difference in holiday shipping deadline awareness, with 53% of Baby Boomers unaware of these cut-off dates, compared to just 32% of Millennials. Millennials are also more likely to prioritize guaranteed delivery, with 68% citing it as a key factor when choosing a shipping option this holiday season.

Keep ReadingShow less
shopper returning purchase with smartphone

E-commerce retailers brace for surge in returns

As shoppers prepare to receive—and send back—a surge of peak season e-commerce orders this month, returns will continue to pose a significant cost for the retail industry, with total returns projected to reach $890 billion in 2024, according to a report released today by the National Retail Federation (NRF) and Happy Returns, a UPS company.

Measured over the entire year of 2024, retailers estimate that 16.9% of their annual sales will be returned. But that total figure includes a spike of returns during the holidays; a separate NRF study found that for the 2024 winter holidays, retailers expect their return rate to be 17% higher, on average, than their annual return rate.

Keep ReadingShow less
screenshot of agentic AI for logistics

HappyRobot lands $15.6 million backing for its agentic AI

San Francisco startup HappyRobot has gained $15.6 million in venture funding for its AI platform that automates the communication needs of freight brokerages and other logistics users such as third-party logistics providers and warehouses.

The “series A” round was led by Andreessen Horowitz (a16z), with participation from Y Combinator and strategic industry investors, including RyderVentures. It follows an earlier, previously undisclosed, pre-seed round raised 1.5 years ago, that was backed by Array Ventures and other angel investors.

Keep ReadingShow less