Supply Chain Integrity in COVID-19

COVID-19 has exposed the fragility of the supply chain and the need to minimize risk. Listen in as Mercury’s supply chain experts, Ash Hall and Ping Maltbie, discuss the risks associated with offshore management, ownership and manufacturing, and how Mercury is working to control supply integrity with more robust central sourcing strategies.

Read the transcript.

Ralph Guevarez:

Supply chain integrity and COVID-19, next on Mercury Now.

Ralph Guevarez:

Hello, and welcome to Mercury Now, a podcast series brought to you by Mercury Systems. I am your host, Ralph Guevarez, and today’s topic, supply chain integrity and COVID-19, as Mercury takes a zero trust approach to their suppliers and have taken strides to ensure their suppliers are who they say they are. Joining me is Ash Hall, VP of Supply Chain Enterprise Management, and Ping Maltbie, Director of Supply Chain Enterprise Management for Mercury Systems. Ash, Ping, good day and welcome to you both.

Ping Maltbie:

Hello, Ralph.

Ash Hall:

Hello, Ralph.

Ralph Guevarez:

Before we discuss supply chain integrity, can you please give our listeners a brief background on your current role at Mercury, starting with you, Ping please?

Ping Maltbie:

Sure. Ralph, currently at Mercury Systems, I’m responsible for the global procurement operations to supporting 12 manufacturer’s sites. Prior to join Mercury Systems, I was a directly responsible for supporting 14 different manufacturers in North America for over a billion dollar supplier spend. So I was fortunate I had a great opportunity to work in China to oversee the manufacturing suppliers in Asia.

Ralph Guevarez:

Thank you, Ping. Ash?

Ash Hall:

Yes. I’m vice president of supply chain for Mercury Systems. I joined Mercury Systems the end of June of last year, so just shy of my one year anniversary. Most of my career has been in supply chain. Prior to Mercury Systems, I was with a company called Meggitt. Spent a number of years with Danaher and started my career at Intel Corporation.

Ralph Guevarez:

Now despite significant efforts to contain the spread of coronavirus, including a travel ban, COVID-19, which they’re calling the black swan of 2020, continues to affect our daily lives. During all this turmoil, supply chain has become a hot topic. Can you explain to our listeners why? And we’ll start with you, Ash.

Ash Hall:

So, COVID-19 required multiple countries to shut down their economies, in some cases almost overnight and with little or no warning. Stay at home orders resulted in high unemployment rates due to daily business operations coming to a standstill. And this resulted in supply chain interruptions, which ranged anywhere from minor to severe, depending on the exact location where the manufacturing was taking place as each country, state, and city had different lockdown guidelines and timelines.

Ping Maltbie:

So add to what Ash said, I know the entire global supply chain model was also brought into question as pandemic exposed the risk associated with over-reliance on Tier 1, Tier 2 suppliers. So the first shock fell back in January. During the Wuhan lockdown was supply shock, where various supply sources from Wuhan was suddenly cut off, and the state of dependency was made even more apparent as it came down to the availability of masks and ventilators. Prior to the pandemic, over half of the world’s masks were made in China. So a recent April Forbes article mentioned how China was able to nationalize n95 mask manufacturers, making it harder for buyers here to actually get their hands on them.

Ash Hall:

Yes. So as we can see, supply chain directly impacts product availability, and building supply chain integrity is essential to minimizing our risks. Questions like, who are your vendors exactly? Are they domestically owned and managed? Where are their foundries?

Ralph Guevarez:

Now you mentioned minimizing risk. What are some risks from a management, ownership, and manufacturing standpoint that impact availability? And also, what are some of the alternative sources of supply?

Ash Hall:

Yeah, good question. I guess the first one I’d state is, if the supply is cut off or delayed due to political tensions, a worldwide crisis such as COVID-19, or the vendor goes out of business, it results in material interruptions that can hold up manufacturing, results in delays in delivery, and could result in loss of business.

Ash Hall:

The second point is, a good could also be altered to be counterfeit. This could happen purposely or accidentally. Subsequently, if the part was used to make another product, it could impact the way that end product reliably functions. Worse yet, if that end product was used for a critical or sensitive application, it could become a security threat. An example of this would be a piece of IT infrastructure utilized to launch a weapon.

Ash Hall:

The final point would be alternative sources of supply are extremely important. Having only one Tier 1 or Tier 2 supplier can be really risky. The vendor could change the cost of the good abruptly, and you may have no choice but to pay the price differential to avoid an abruption of supply.

Ping Maltbie:

So in addition what Ash talked about source of supply is important, we also believe that management ownership may be even more important than where a manufacturer is, especially if you are creating a product that is critical to national defense or nationwide infrastructure. So supply can be abruptly cut off, held hostage, shut down, or refuse to due to political economic reason with little or no legal ramifications. So the Forbes article I mentioned before, for example, questioned if China had taking control of or banned major Chinese owned and n95 mask from working with our buyers, the lack of supply from China meant the US needed to find an alternative source, which is why so many companies currently stepping up and offering to manufacture masks and ventilators in the US. So this pandemic basically highlighted how over-reliance on offshore supplier was a grave business and in this case really, also a health risk.

Ash Hall:

Yeah. Another point to make, consequently as a company, you must have internal processes in place for risk management that manage suppliers, addresses how much inventory you have on hand, identifies alternate sources of supply, and you need to have emergency protocols.

Ralph Guevarez:

Ping, what has Mercury been doing to drive transparency into the supply chain and reduce these risks? And also what additional assurances are we offering our customer base?

Ping Maltbie:

So Ralph, as you pointed out in the beginning of this podcast, Mercury really takes a zero trust approach to our suppliers and have taking strides to ensure our suppliers are who they said they are. So we served our key suppliers to assess their cybersecurity infrastructures. And if they need FAR 52.204-21, which is the basic safeguarding of covered contract information systems and DFARS 52.204-7102, which is safeguarding covered defense information and cyber incident reporting. So this really helps protect any sensitive product development information that we may share with our suppliers from beginning to keep them from compromised by a cyber-attack. For those suppliers that Mercury really… And working with them, if they don’t meet our initial requirement, we work with them to meet it.

Ping Maltbie:

And the second was, we pinpointed potential supply chain gaps, and on the standard not all parts are created equal. So therefore we committed to building products that are highly available and also trusted. So our supplier database really contains various information, such as if they meet DFAR, FAR requirements and also where they do their manufacturing. So we can provide an official country of origin for the parts that we purchase, and in fact, even some of the insights on their Tier 1, Tier 2, Tier 3 layers of origin.

Ping Maltbie:

So lastly, we are a US managed and owned company and have several in-house manufacturer facilities that offer additional insurance to our customer base.

Ralph Guevarez:

Ash, from what Ping just stated, being a US managed and owned company is important to deliver high availability. What else is important to deliver more from an assured supply chain perspective?

Ash Hall:

It’s important to work with companies that have multiple domestic locations, production sites, and employs US citizens, including those with necessary security clearances. This is important in terms of availability as you wouldn’t be reliant on just one site or a small group of individuals to maintain business operations.

Ash Hall:

Second, organizational structure matters because in times of need, it’s important to be nimble. A matrix organization promotes mind share flexibility and information flow.

Ash Hall:

Third, we actually saw how vital this was during the pandemic as most of our employees could transition to work from home as we already had a secure remote IT infrastructure in place. Key individuals working in production, shipping, and manufacturing were able to safely continue getting critical products to our customers. Because by transitioning the other employees to work from home scenarios, we were able to ensure proper social distancing and health protocols for those required to be in the office. We saw different closure times for our facilities based on statewide laws and were able to leverage resources across all of our facilities so that we didn’t have a single point of failure.

Ash Hall:

And finally, there are also other security benefits to dealing with domestic owned companies. For example, in 2015, the US Navy had to rip out and replace all of their IBM blade servers after the IBM server business was acquired by Lenovo, the Chinese owned company. The Department of Homeland Security was concerned about security and subsequently placed government restrictions on procurement of these servers.

Ralph Guevarez:

Now given all the risks related to availability, why haven’t we seen more companies that support defense and critical infrastructures move their supply chain back to the US? Why haven’t we seen this massive shift?

Ash Hall:

There seems to be an underlying belief that costs would soar if production was brought back into the USA. This however is not always true as industries that have done this so far have found that they’re breaking even, or even saving money. Just look at the car companies manufacturing in the United States. It makes sense from a cost standpoint, because it can be more cost effective to produce manufactured goods near to where they’re sold. So why hasn’t this happened more? It comes down to supply and demand. There’s a lack of demand, which requires some additional costs. If the US incentivized production in the USA, they would end up driving demand, which would then compensate for pricing variation making it worthwhile for suppliers to shift their supply chain back to the USA and gradually increase supply. This would be beneficial not only for the economy, but also from a risk standpoint as discussed earlier.

Ping Maltbie:

So I definitely echo what Ash said. I was sent in by my first company, Honeywell International, to manage the Asia supply chain for eight years during 2004 to 2012. And that’s exactly what their company is doing, why they move over there, what we need to do to bring that product back to manufacture back to US. But at Mercury, we know how important product availability is, have focused on secure infrastructure and the capability to build our supply chain diversity.

Ping Maltbie:

So we understand all components have different purposes and that there are some that may be more critical than others. For example, motherboard components such as FPGAs, CPUs, or ASICs can potentially be programmed to see everything in a server or process system. That’s a component like a fan, only serves to cool the system. It has its operational reliability in certain environments. So therefore, from a risk perspective, offshore manufactured chips pose a much greater risk of than an offshore manufactured fan. So this is why we, as a company, invest in secure facilities and Silicon Technologies, which we will be mentioned in a later podcast.

Ash Hall:

So supply chain integrity is definitely a hot topic, specially these days. We hear many prominent leaders highlighting how important it is to have an insured supply. However, without the US incentives that I mentioned earlier, and policies to move critical supply to the US, demand is usually driven by individual buyers or procurement teams who make their own evaluations on whether long-term risks is worth saving a couple of hundred dollars in upfront costs. As an organization, we’re working to control that with more robust central sourcing strategies.

Ralph Guevarez:

I want to take this opportunity to thank you both for joining me today. This information really puts into perspective the effects of COVID-19 and where Mercury stands in the supply chain. Ash, Ping. I wish you both safety and good health. And thank you again.

Ping Maltbie:

Thanks, Ralph.

Ash Hall:

Yeah, thank you, Ralph.

Ralph Guevarez:

This has been another edition of Mercury Now, the podcast series brought to you by Mercury Systems. I am your host, Ralph Guevarez, signing off.