Risk and Crisis Leadership Update
16 June 2021
"This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, Chief Executive of JBS USA, following the announcement the global meat processing company paid $US11 million ($14.2 million) to a criminal organisation to end a five-day cyber-attack.
JBS is Australia’s largest meat and food processing company, with 47 facilities across the country including abattoirs, feedlots and meat processing sites, employing around 11,000 workers.
The company said it paid the money to mitigate any unforeseen issues related to the attack, ensure no data was exfiltrated, and prevent any potential risk for customers following the attack that shut down some operations in Australia, Canada and the US.
Market analysts have described the payment of the ransom and the public announcement of the payment sets as a "dangerous precedent". This follows a report in May that Colonial Pipeline paid hackers nearly $4.5m after an attack forced the firm to stop transporting fuel, and the claim that 10 companies paid between $US300,000 to $US10 million.
While the company claims that they took immediate action, suspending all affected systems, notifying authorities, and activating the company’s global network of I.T. professionals and third-party experts to resolve the situation, some 7000 Australian workers were stood down indefinitely as the attack unfolded. One employee saying "the computer system's down, the telephone system's down. I believe the gas to the plant has also been cut off, because I think that's controlled by their own computer systems."
Trebuchet Pivot comments.
IT protection, secure data warehousing and business continuity plans will only get you so far. Often executives and boards will have to make decisions with wide-reaching, sometimes global ramifications.
In complex business environments where all impacts are difficult to predict, it is important to have a leadership team prepared to make well-considered and deliberate decisions, when it counts.
Some market analysts have questioned the decision, claiming it sets a dangerous precedent. Business decisions will nearly always have ethical considerations. Your decisions, while legal and correct to protect your business, may not sit right with stakeholders or align with social expectations. In this incident, it can be argued that paying the ransom demand encourages further large-scale cyber-crime. How would you decide?
The world is facing a global shortage of semiconductors and it is likely companies will still be affected until the first half of 2022. The shortage of components has led to the price of some chips sky-rocketing more than 30-fold.
Semiconductors are an essential component of devices, from cars and factory machinery to dishwashers and mobile phones. Like many current global challenges, this shortage initially began as a result of the COVID pandemic.
When the world started working and studying from home new equipment was needed to establish temporary offices and classrooms in our homes, prompting increased demand for many devices.
Concurrently, the industries that make these devices also had to stop production for a time, and during that period they stopped ordering semiconductors.
Workers at semiconductor factories around the world were unable to go to work as plants closed and production halted, which led to a lack of supply.
The movement of that supply was also slowed down by tighter restrictions at ports and international borders.
The automotive industry has been hit particularly hard, illustrating the scale, complexity and vulnerability of modern supply chains. A car is made of thousands of components, sourced suppliers around the world. If even one of these components isn’t available at the time of assembly, the system halts and new cars cannot be completed or shipped.
General Motors had to stop production at some of its manufacturing facilities as a result of the chip shortage earlier this year, costing the company at least US$2 billion. Back in March 21, President Biden has called for $37 billion from Congress to boost U.S. semiconductor manufacturing in an attempt to curb to issue.
Trebuchet Pivot Comments.
This is a slow emergence yet high impact crisis facing Australia. While on the home front, perhaps we can hold off our next tech purchase, but for industries reliant on technology, this could have a dramatic effect. Like many risks that emerge from the COVID-19 pandemic, it may be the second or third order effects that hit businesses hardest. Those risks which are more difficult to predict and track.
Now is the time to scenario plan, including financial modelling, to understand the impact this situation could have on your business, and your stakeholders.
Throughout the COVID-19 pandemic many have found leadership challenging and lonely. Business leaders are actively seeking advice and solutions for how to manage risk and lead during periods of turmoil. Trebuchet Pivot is your trusted adviser as the world resets from the global upheaval of the COVID-19 pandemic.
Exceptional leadership is critical to protect your people, operations, assets, reputation and value. Trebuchet Pivot provides the insights and experience needed to assist boards and executive teams as they lead their organisations into the next decade and beyond.
We work with business leaders across Australia, helping to:
Build a risk culture where at key risks are controlled
Prepare leaders for the realisation of risks
Develop strategies and contingency plans for emerging issues and managing stakeholders
Benchmark and red-team existing crisis management and business continuity plans