Vendor Risk Management

What Is Digital Supply Chain Management?

Kim Johnson | January 29, 2019

You may have heard the term “digital supply chain management” being used to describe an emerging business function. But what exactly is a digital supply chain, and how is one supposed to manage it?

Digital Supply Chain: Two Definitions

Depending on the context in which it’s used, the term “digital supply chain” could have one of two different meanings. The term can either refer to:

  1. The digital aspects of a physical supply chain

  2. The chain of technology companies involved in the delivery of digital products

[Learn How to Protect Your Digital Supply Chain]

Definition 1: Supply Chain + Digital

In the first definition, “digital supply chain” is typically used when discussing how the development and implementation of advanced digital technologies (IoT, blockchain, machine learning, artificial intelligence, predictive analytics, etc.) can drive improvements to traditional supply chains.

For example, in McKinsey’s concept of the “next-generation digital supply chain,” supply chain leaders ought to “place sensors in everything, create networks everywhere, automate anything, and analyze everything to significantly improve performance and customer satisfaction.”

Who’s responsible for managing the digital supply chain? Within this definition, the team responsible for digital supply chain management is the same as the team responsible for any supply chain functions (which could be sales, manufacturing, logistics, etc.).

These teams are tasked with finding new ways to accomplish the same goals they’ve always had: improving efficiency and increasing margins. In other words, “digital supply chain management” is really just supply chain management with an added layer of digital technologies. These technologies include:

  • Predictive analytics to optimize inventory allocation and forecast demand

  • Automated replenishment solutions

  • Robotics to speed up assembly or picking

  • IoT sensors to gather real-time feedback from manufacturing equipment and vehicles

Definition 2: Digital Product Ecosystem

The second definition — that the digital supply chain is the chain of technology companies involved in the delivery of digital products — originally referred to the supply chains of digital products that initially existed in physical form, such as ebooks and mp3s. This term was coined in a 2001 paper.

Now, the definition has expanded to include the supply chains that help deliver any digital product, such as a website or software platform.

Take an e-commerce website, for example. Its digital supply chain includes the website’s developers, its administrators, the cloud services company that hosts the website’s data, the CMS provider, and the devices that consumers use to access the website. In addition, every third-party technology provider whose code provides functionality to the website — e-commerce plugins, personalized recommendation engines, advanced analytics services, inventory tracking solutions, custom product builder, chatbots, etc. — should also be considered part of the digital supply chain.

Risks to the Digital Supply Chain

This second definition is especially useful for technology companies. Looking closely at any digital product, whether it’s an e-commerce website, B2B software product, or something else, one can discover the long list of providers upon which the product relies. Viewing this list as a supply chain helps IT, cybersecurity, and other teams understand the risks to the product and identify opportunities for improvement.

Consider the 2016 DDoS attack on DNS provider Dyn that took down a large portion of the North American internet (including Spotify, Reddit, and the New York Times) for nearly a day. This is a typical example of a digital supply chain risk. The relationship between Spotify and Dyn is comparable to the relationship between a clothing retailer and a wool supplier — one relies on the other in order to deliver their product.

Another example is the 2018 Ticketmaster breach. Card skimming malware was added to the Ticketmaster website via a vulnerability in the code of a customer support software company. In other words, a threat was introduced through Ticketmaster’s digital supply chain.

Personnel at technology companies can take cues from their contemporaries at physical product companies concerning the monitoring and mitigation of supply chain risks. For example, creating a map of the digital supply chain to identify single points of failure among third-, fourth-, and fifth-party providers can help IT, cybersecurity, risk, and product teams avoid business disruptions and data breaches.



In Summary:

What is digital supply chain management? Depends on who you ask. It can either refer to managing the digital aspects of a physical supply chain, or managing the supply chain of digital products.

Within both of these definitions, increased inter-company collaboration and evolving technologies are presenting new challenges for supply chain management teams. New risk typically follows close behind new capabilities, so businesses should focus on monitoring and mitigation strategies while they work on developing and integrating new technologies.

You’re responsible for your digital supply chain. Here’s how you can protect it.

Download "How to Protect Your Digital Supply Chain" Whitepaper

Suggested Posts

Can Your Vendor Assessments Be More Efficient?

If you’re using a “one-size fits all” approach to managing your vendor lifecycle, you are missing opportunities to save money and operate more efficiently. Vendor management efficiencies don’t end in the onboarding stage: using a...


Do You Have The Right Vendor Management Policies?

If you’re experiencing frustrating delays and procedural roadblocks during your vendor management process, you’re not alone. Security managers are seeing an increase in the number of third-parties integrating with their business, and ...


3 Ways To Make Your Vendor Lifecycle More Efficient

During this dynamic and stressful workplace environment 2020 has brought us, finding the most efficient ways to perform in your job has never been more important. When it comes to managing your vendor lifecycle, there are three ways you...


Subscribe to get security news and updates in your inbox.