This book examines the ways in which companies can recover from high-impact disruptions. The focus is on the actions they should take to lower their vulnerability and increase their resilience. A notion borrowed from the materials sciences, resilience represents the ability of a material to recover its original shape following a deformation. For companies, it measures their ability to, and the speed at which they can, return to their normal performance level following a high-impact/low-probability disruption.
After 9/11, governments around the world elevated the fight against terrorism to the top of their agendas. The U.S. government reorganized its defense and intelligence agencies and adjusted its foreign policy for that mission. In contrast, the private sector quickly went back to business. The daily pressures to perform—worrying about yields, supplier performance, machine up-time, customer requirements, product launches and market response—quickly overtook most terror worries.
Yet in the United States, and increasingly in Europe, most of the economic infrastructure, such as transportation, energy, retail, manufacturing, and finance, is in the hands of the private sector. In early 2002, a group of researchers and several corporate members of MIT’s Supply Chain Exchange program began a series of discussions to address the rising concerns about terrorist disruptions. It quickly became apparent that there are no clear management guidelines, models, or theories for corporate security and resilience. These discussions spawned a three-year research effort that culminated in this book.
As the research progressed, it became clear that the study needed to expand to include different kinds of disruptions. Many random phenomena, such as earthquakes, floods, and accidents, have just as much impact on a company as a terrorist action. Furthermore, the high frequency of general disruptions provided more data for the research.
Questions raised as part of this research effort include the following:
• How should companies define and prioritize threats?
• What are the common characteristics of all high-impact disruptions?
• Can companies prepare without knowing the type of disruptions they may face?
• How should companies maintain lean operations, which aim to reduce redundancy, without increasing vulnerability?
• Are intentional disruptions fundamentally different from accidents and random phenomena?
• How can disruptions be detected when so many simultaneous events are taking place in the normal course of commerce?
• How can a company build in flexibility so that it can be resilient?
• Should companies always prefer multiple suppliers to singlesourcing?
• What new risks and rewards affect collaboration in this new world?
• What is the role of corporate culture in resilience?
• How can security investments support the main mission of the enterprise? Can they be cost-justified?
This book sheds light on all these questions and more. It is a call for action based on the experience of many companies—those who did well in the face of disruptions and those who faltered. Furthermore, a company is typically a citizen of its supply chain. Thus, the book answers many of these questions with emphasis on the extended enterprise—the web of suppliers, manufacturers, distributors, retailers, transportation carriers, and the other participants in the process of bringing products to markets.