Logistics Viewpoints

The Order Fulfillment Upheaval – An Omni-Channel Perspective

Posted: 23 Jun 2021 08:11 AM PDT

It is no exaggeration to say that the COVID-19 pandemic caused an upheaval in order fulfillment processes. The question today is to what degree did these changes occur and how will processes change in the future. Will they revert back to the prior state as if the pandemic never occurred? Will they continue along the same trajectory brought about during the pandemic? Or will the processes be a mix of both, and how so?

An understanding of these dynamics was the goal of ARC's survey-based research conducted with DC Velocity earlier this year (see DC Velocity Infographic in June 2021 issue). Order fulfillment changes were widespread and exerted effects on fulfillment channels, resource requirements, throughput, merchandise, investments, and more. Today let's focus on the dynamic combination of order placement and fulfillment processes – also known as omni-channel.

Our survey was conducted with respondents across manufacturing, wholesale, retail, and logistics service provider (3PL) sectors. So certain channel activity is less prevalent in wholesale or manufacturing than in retail. With that said, we asked respondents about the degree to which their organizations processed and filled specific order types in 2019 to serve as a baseline to measure forthcoming changes, and to understand the profile of respondents in the survey sample (image 1). Traditional e-commerce (ship from warehouse), followed by traditional retail (in person) were the most prevalent order process and fulfillment channels used by our survey respondents. The other processes that utilize a combination of online ordering and retail store inventory were less prevalent, as expected.

The interesting findings begin with the changes our respondents experienced in their fulfillment operations during 2020 – a tumultuous year to say the least. The survey sample experienced a net decrease in activity within the traditional retail channel as retail locations were restricted to customers or closely entirely for much of the year. And the majority of those that experienced decreased activity in traditional retail stated that it decreased extensively. In contrast, the survey sample experienced a net increase in activity across other channels including online order, customer pick-up at store; online order, shipped from retail store. Publicly noted examples (external to the ARC survey) include the increase of online order, pick up at store from retailers such as Target and the use of stores as fulfillment centers. The increase in activity was especially pronounced for traditional e-commerce (shipped from warehouse) with the majority of those experiencing increased activity stating that it increased extensively. The direction of these findings for 2020 was to be expected. Less clear are the changes that will occur in 2021.

Our sample of survey respondents are expecting widespread increases in business activity for 2021, with net increases expected across all listed channels. The majority of those expecting increases within the traditional retail channel are expecting moderate, rather than extensive increases. This was unexpected. It is possible that the moderate increase is due to an underrepresentation of traditional retailers (whom I expect to experience extensive increases in traditional retail) such as grocery, sporting goods, and department stores in our sample. I am also surprised by expected increases in online order, pick-up at store and online order, ship from retail store. Again, it is possible that this is due to the profile of our respondents being skewed toward manufacturing and durable goods, as opposed to nondurables (CPG, apparel, etc.). It is also possible that I have underestimated the degree to which processes such as picking up online orders at stores will "stick". I have reduced my personal use of these practices as I am enjoying the renewed novelty of entering stores. However, it is possible that this novelty will fade and give way to the convenience of pick-up in the near future. I am also surprised by the expected net increase in shipment from stores. I am interested in learning more about the reasoning behind this decision (as it is more of a supplier rather than a consumer preference). Finally, the broad-based expectation of increases in traditional e-commerce supports the perspective that the pandemic accelerated an existing trend and much of that change will "stick".

Final Word

The findings from our survey-based research of logistics practitioners shows the degree of change that occurred in 2020 and the likely progression of these changes in 2021. In general, the changes will partially revert back to pre-pandemic order processing and fulfillment practices. However, the e-commerce shift was in process prior to the pandemic and there are financial and convenience benefits to these practices that are likely to encourage their continuation. Finally, our findings are consistent with some broader economic measures. For example, the US Census Bureau reported a 32 percent increase in 2020 e-commerce sales – a strong acceleration from 2019. I expect this increase will decelerate markedly in 2021. Furthermore, the change in monthly sales by kind of business suggest both a rebound for businesses that declined during the pandemic (apparel, automotive) and a continuation of pandemic-related growth trends (home furnishings and sporting goods). This indicates that consumer purchasing preferences may have shifted somewhat, as well.

The post The Order Fulfillment Upheaval – An Omni-Channel Perspective appeared first on Logistics Viewpoints.

Supply Chain Cybersecurity: Tips for Shippers to Mitigate Cyber Attacks

Posted: 22 Jun 2021 05:03 AM PDT

supply chain cybersecurity Cyberattacks seem to be growing in prevalence and severity, particularly those around the major supply chains in the US, including both the fuel supply chain and the food supply chain. On June 2, 2021, The Wall Street Journal reported that a ransomware attack against JBS had resulted in the cancellation of shifts across all US plants. Such an event has constrained the meat supply chain more than ever, sparking fears of massive food shortages, and it comes mere weeks after the other major cyberattack to strike the US—halting the operation of the Colonial Pipeline.

The recent cyberattack that resulted in the shutdown of the Colonial Pipeline has returned the issue of cybersecurity to the forefront of logistics conversations, reports CNBC. Much like the Colonial Pipeline, a break in the flow of goods and services within transportation results in a disruption to the customer experience. From a logistics perspective, your supply chain can be protected by working with technology-enabled partners to effectively reduce the risk through layered protection strategies such as layered communication methods, segmented systems that can be isolated and addressed when a possible attack occurs, and expanded breadth of mode and carrier offerings to bypass potential disruptions.

The continuing expansion of supply chain software to enable parcel management, warehousing, white-glove services, final mile visibility, the electronic interconnections inherent in digital transportation management, and more devices connected following the rollout of 5G wireless connectivity increase the areas of opportunity for an attacker.

Each system could contain vulnerabilities, and it's only with an eye on the need to rigorously monitor and enhance supply chain cybersecurity that business leaders can keep their chains disruption-free. Let's take a closer look at the issue of supply chain cybersecurity, why the Colonial Pipeline attack is translating into a renewed focus for cybersecurity, and a few things to know when assessing the cybersecurity of your network partners and software vendors.

Supply Chain Cybersecurity Risks Continue to Exist Around the Globe

The ransomware attack on the Colonial Pipeline has once again highlighted a common fact; cyberattacks appear to be increasing in frequency and scope of impact at an alarming rate. On top of that, the recent need for expanded remote work has exponentially increased many companies' exposure to attack. There are a few things that supply chain leaders need to know about the facts of cybersecurity attacks, as noted by Varonis.

Most successful cyberattacks are not some repeated attempt to gain entry to a system with advanced coding knowledge; they are the result of human error.
Up to 95% of cybersecurity breaches are caused by social engineering, using things like phishing emails or shared login credentials to gain access to a system.
The remaining cyberattack incidents can come from espionage, unpatched systems or other means.
Money is often the driving force behind cyberattacks, accounting for 86% of attacks.
The typical cyberattack and subsequent data breach cost was $3.86 million in 2020.
The average breach goes undetected for more than 50 days.

For the supply chain, it's a clear indicator that cybersecurity is critical to keeping information safe, secure and keeping product flowing. As a 3PL, our most important goal as a company is defending the flow of goods and keeping the economy moving. Our greatest fear for cybersecurity would be our applications or operational machines being impacted in a way that would stop the flow of goods, or food, or impact the flow of the economy or essential goods.

How the Colonial Pipeline Attack Will Affect the Supply Chain

The Colonial Pipeline is a painfully common cyberattack that contributed to a massive fuel shortage along the East Coast. Fuel average costs rose above $3 per gallon for the first time in seven years, when retail fuel was available at all.

Due to the shortage, truckload rates rose in tandem with increased fuel surcharges as the pressure at the pump spiked. Some drivers were challenged to find refuel stations with available diesel. Those effects have translated into delaying orders and risking customer upset. Any one of these events can create a domino effect to capacity challenges and delays.

What Can Shippers Do to Mitigate Cyber Attacks

In a perfect world, human error would never contribute to cyberattacks, but this isn't a perfect world. And supply chain cybersecurity is only as valuable as the ability to mitigate that risk. That's why more shippers are taking extra steps to protect their assets from cyberattacks, including:

Working together on security planning and testing with trusted 3rd parties like GlobalTranz who provide TMS or other applications. This is effectively achieved through outsourcing of the maintenance and patching of the systems to trusted digital transportation management partners.
Conducting penetration testing to identify and address vulnerabilities. Penetration testing is a biannual process at GlobalTranz and helps to root out risks before they become cyberattacks.
Leveraging a dedicated cybersecurity team to ensure accountability and protect customers from the risks of using any connected application, whether used as a standalone system or integrated within a tech stack.
Continuous scanning to find issues, quarantine affected systems and prevent subsequent disruptions. The reality is that an attack will happen, and the key to success rests in being able to mitigate the impact and protect customer information.
Ensuring that supply chains are not single-stream, leveraging multiple carrier, manufacturing, and delivery partners to create resiliency in the flow of goods and services.

Enhance Your Supply Chain Cybersecurity With the Right Software and Solutions Vendors with High-Quality Information Security Processes

Your company and the partners you work with should have important individual layers of security and processes to help build more robust supply chain security, including:

Infosec policies to hold employees accountable for website and email use.
Physical security measures to prevent unauthorized individuals from accessing servers or applications.
Using firewalls and secure networks/systems to prevent attacks from gaining entry to a system.
Running automatic antivirus and vulnerability software to detect unusual lateral movement within an account or application to recognize a cyberattack.
Maintaining strict access control and permissions to share files and applications.
Backing data up routinely to account for possible losses when and if an attack occurs.
Leveraging monitoring and notifications to alert dedicated staff of potential issues as soon as evidence of an attack appears.
Employee training and testing to ensure their readiness to help prevent a successful attack

The right systems must use a segmentation strategy that sections software and platforms into small, isolated pieces, so even if a hacker (for example) finds a way inside the system used to calculate fuel surcharges, that's all they can affect. They can't look at another segment like credit ratings or customer data, and this is enabled by:

Each segment is self-sufficient and has limited access to data.
Each segment is fully recoverable.
Each segment enforces security in the connections between them.

There's also cloud-hosted options such as serverless deployment using platform-as-a-service that can reduce risk. If there is no server out there when trying to figure out what the next step is to obtain data, the surface area for what can be hacked goes down. There is not a system to login to where a bad actor could download malware or sit for months looking for ways to further penetrate the network, dramatically decreasing the ability to hack.

Enhance Your Supply Chain Cybersecurity With the Right Software Vendors and High-Quality Information Security-Based Applications

Today, cybersecurity is among the top pressing concerns for companies of all sizes. Most attacks derive from a mistake—a human error—whether that's clicking on a link or incorrectly sharing personal data. While the next attack is inevitable, allowing it to disrupt your supply chain is not. Now is the time to start rethinking your plans and strategies, train employees to reduce their risk for accidentally playing into a hacker's hands, and ensure you're working with partners that are protecting their assets and customer assets with proactive supply chain cybersecurity.

As Manager of Cybersecurity at GlobalTranz, Darwin Porter is responsible for assessing, mitigating, and protecting GlobalTranz from cyber-attacks and cyber risk. With over 20 years of IT experience in the supply chain and logistics industry, Darwin has a proven track record of planning and implementing security measures, establishing security policies and procedures, and building response plans to help companies protect assets, information systems, intellectual property, and maintain seamless operations.

As Vice President of Engineering at GlobalTranz, Ryan Pettit leads an engineering team responsible for architecting and securing the GlobalTranz technology infrastructure. Ryan brings over 20 years in leadership positions across all phases of product development and commercialization lifecycle within organizations ranging from a Fortune 300 Global 3PL to a publicly traded Fin-Tech firm with approximately $10MM in Sales to an early-stage Transportation Tech Startup. He has extensive experience designing technology product solutions, building roadmaps for execution, and solving business challenges.

The post Supply Chain Cybersecurity: Tips for Shippers to Mitigate Cyber Attacks appeared first on Logistics Viewpoints.