Cybersecurity Tops Supply Chain Managers’ List of Biggest Risks in 2nd Quarter

Lehigh Business Supply Chain Risk Management Index reveals concern for cyber-attacks, China and market uncertainty.

The second quarter results of the Lehigh Business Supply Chain Risk Management Index (LRMI) showed cybersecurity and economics as the two highest risks for the third straight quarter. While it is number one, cybersecurity had the lowest score for a number one risk since the LRMI started three years ago.

In addition, the overall risk score is the lowest in the last three years.

The LRMI was developed by the Center for Supply Chain Research at Lehigh and the Council of Supply Chain Management Professionals in order to rank 10 broad categories of supply chain risks. The risk categories are cybersecurity, economics, transportation disruption, supplier, government intervention, operational, quality, customer, technological and environmental.

“The LRMI allows executives and supply chain managers to look ahead and prepare for risks that will become important in planning for the next quarter,” said Zach G. Zacharia, associate professor of supply chain management and director of the Center for Supply Chain Research at Lehigh.

Economic risk was second overall, but the score dropped sharply as well. “Economic risk has been one of the top three risks in every quarter in the last three years,” said Zacharia, “but you have to go to the first quarter of 2021 to have such a low number for economic factors such as energy costs, labor shortages and sudden demand shocks.” Customer risk came in third, also at a reduced score from previous quarters.

Risk index logo

Transportation risk was the lowest out of 10 risk categories for the first time in three years. This suggests, based on the responses of supply chain professionals who participated in the LRMI survey, that transportation is widely available at much-decreased costs, said Zacharia.

A unique feature of the LRMI is the opportunity to compare across all 10 risk categories directly against each other, instead of scoring each risk individually. When supply chain professionals take that approach, the top four risks are economic, transportation disruption, supplier and government intervention.

“The benefit of comparing risks against each other is that it provides a new perspective, which can be different when a risk is compared only to itself,” said Zacharia. “For example, transportation risk dropped to the lowest ranked risk as transportation prices have plummeted and demand is down which is reflected in the low individual risk score, despite that, when compared across all 10 risks, supply chain managers think transportation is one of the top four risks next quarter.”

Another important aspect of the LRMI is that the quarterly reports include a sampling of candid comments from supply chain managers about each risk category that takes you beyond the numbers. Comments from the new second quarter report include:

  • There have been more and more cyber-attacks, but they are just quietly being dealt with.
  • Hacking is a business.
  • Economic slowdown will impact the demand. We are heading towards a recession in FY23.
  • We have completely decoupled from China. For those who haven't, I would ask: Would you have kept your business in the USSR or Nazi Germany?
  • Manufacturers and retailers are not ordering from suppliers, and many times, even trying to delay or cancel orders.
  • Potential new railroad legislation and shifting legislation around environmental concerns are worrisome.
  • Read more comments.

LRMI reports are available every quarter in March, June, September and December.

To get the latest report for free and to find out how supply chain managers can take the LRMI survey for the next quarter go to: business.lehigh.edu/LRMI.