Local businesses overconfident, underestimating future risks
New research commissioned by McGrathNicol Advisory, in partnership with YouGov, shows that a large majority of Australian business leaders are overconfident and unprepared for future threats to supply chains.
After hitting a peak during the pandemic, concern over supply chain fragility has waned, with nearly all (97%) of the 300 C-suite execs surveyed being very or somewhat confident in their organisation’s ability to navigate risks. McGrathNicol says an underestimation of future risk underlies this notable lack of concern. The report also suggests a misinformed assumption that geopolitical issues, cyber threats, trade disputes and other risks are not a major concern for organisations contributes to the laissez-faire attitude.
For example, only 16% of Australian business leaders believe that geopolitical risks will have an enlarged impact on their supply chain in the next 12 months. And despite consecutive years of front-page, high-profile cyber breaches, 84% do not believe that cyber threats will pose more of a risk to their supply chain in the coming year.
“Australia is completely dependent on local and international supply chains and digital networks. Australian businesses have their heads in the sand if they don’t think that conflicts, cyber attacks or trade disputes, whether locally or internationally, will affect them,” said Matt Fehon, Head of Advisory, McGrathNicol Advisory.
“Geopolitical tensions or natural disasters are just as likely to shut down an essential offshore software development team or call centre as they are to disrupt physical supply chains like shipping lanes and ports. We believe this data shows that business leaders have not grasped the impact that global events such as US and Taiwanese elections, the Hamas–Israel conflict and other regional disruptions will have on their ability to do business.”
Redefining the modern supply chain
Business leaders have an outsized confidence in their approach to navigating future risks. 53% of surveyed executives said they are very confident in their organisation’s ability to deal with future threats to the supply chain, with 94% reporting that they have at least a high-level awareness of their organisation’s supply chain risk management program.
However, this confidence isn’t reflected in the risk management programs themselves. Although financial risk is well covered by organisations’ supply chain risk management programs (57%), other significant risks including cyber risk (27%), counterparty risk (27%), geopolitical risk (26%), supply chain risk (26%) and personnel risk (25%) are less likely to be considered.
“While business leaders are highly confident in their organisation’s approach to managing supply chain risks, it’s clear that this is being driven by a narrow perception of what the supply chain is, and what risks they need to prepare for,” Fehon said.
“Modern supply chains are more than just ships and trucks. We need to update the definition of a supply chain before we can say confidently that we’re able to manage these risks effectively.”
Challenges in risk management
Most Australian business leaders (92%) are aware that the Security of Critical Infrastructure (SOCI) Act requires organisations to develop a risk management plan that comprehensively covers supply chain risk, but more than one in four (27%) say theirs has not been updated in the past two years. This is perhaps understandable, given that many executives (75%) say they’ve encountered challenges when trying to address supply chain risks.
The most common challenges include limited transparency and the inability to source appropriate data on the supply chain (34%), an assumption that the procurement team, logistics team or suppliers are protecting the organisation’s interests (33%), apathy (31%) and lack of awareness and understanding due to limited or no supply chain expertise (30%).
Why the information lifecycle will be vital to data privacy in 2025
Data accessibility, accountability, confidentiality and integrity are becoming increasingly...
You can't win the AI game without a playmaker captain
Kubernetes and containers promise to bring cohesion to the otherwise complex world of modern apps.
Fixing the cybersecurity skills gap in Australia
Industry needs to mend the broken pathway from cybersecurity education to employment.