Using APIs to rewire supply chains in 2023

Events over the past few years have left supply chains in tatters. Wild and unexpected demands brought on by the COVID-19 lockdowns, as well as the Suez Canal blockage in 2021 and the ongoing war in Ukraine, have all compounded to create an environment in which tech supply chains are under maximum strain.

The issues that supply chain challenges present to an organisation are myriad, but chief among them, arguably, is that data becomes difficult to visualise and interpret. When the data becomes difficult to read, the ability to generate actionable insights, such as accurate predictions about customer demands or distribution bottlenecks, becomes more difficult and over time the business will slow at unsustainable rates.

“Supply chains are at their most efficient when there is clear visibility of the latest customer demand,” says Andrew Fowkes, director of retail practice at analytics software development company SAS. “The reality for many businesses is that data silos within supply chains stop efficient decisions being taken in a timely way.”

Although many organisations are over the worst of their supply chain woes - only 23% of chief economists expect supply chain disruptions to have a significant impact on businesses in 2023 - there’s no excuse to get lazy when it comes to keeping on top of your APIs.

Put data in motion

APIs can help with data sharing - a key capability for maintaining a healthy supply chain. “They create a standard way to access data and make it easier and quicker to extract data from all points in a supply chain,” says Tom Fairbairn, distinguished engineer at event broker Solace. But having access to the data is only part of the solution – the data needs to be in motion.”

The solution is event-driven architecture (EDA). Data from one source, such as a warehouse management system’s notification of low inventory, can be sent downstream to multiple other systems without altering it.

“This is like when you go on holiday and take a travel adaptor as a practical way to interface between different electrical plugs and sockets. APIs act as travel adaptors of organisational data; an EDA is the 8-way, 100-way, or 1,000-way extension lead,” explains Fairbairn.

Solace has worked with fast-moving consumer goods giant Unilever to tie its logistics and shipping APIs together. Previously, the company struggled to gain visibility into its 12,000 containers spread across 1,500 ships. An EDA was used to create a virtual control tower that enables the company to see where containers are sitting idle and then reschedule them.

“When the Evergreen blocked the Suez Canal, supply chain managers were faced with a difficult choice: should ships be rerouted around Africa or wait an indeterminate amount of time for the canal to reopen?” says Fairbairn. The virtual control tower meant Unilever could see the impacts of these delays and plan accordingly.

Reduce cyber risks

As an increasing number of businesses digitise their operations and shore up their supply chains, there will be thousands upon thousands of endpoints sharing data. This makes supply chains more vulnerable and leaves any weak links exposed to cyber attacks.

It’s an especially concerning phenomenon given that according to recent figures from the UK government, supply chain security was identified as a top-ten key component in protecting an organisation, but the least acted upon.

“The overall systems themselves are often well-protected, but less so are the interfaces that connect the systems,” warns Sven Brüggeboes, IT procurement expert at supply chain consultancy Inverto.

“If an API is breached, it doesn’t only allow access to a few data points, but the whole system. Supply chains are attractive because of their large attack surfaces and the large volume of sensitive data on offer if an attack is successful,” he adds.

Nick Rago, field CTO at Salt Security, stresses that IT decision makers up and down supply chains need to increase their awareness of the APIs that exist within their infrastructure. They need to be using tools that can automatically identify internal, external, and third-party APIs and their parameters, so they have detailed knowledge of their supply chain’s attack surface.

“IT decision makers need to ensure that they assign members of their team to be responsible for the APIs in their company,” says Brüggeboes. “It requires ongoing efforts to monitor and test these tools and to set up whole life cycle management, not just implementation.”

Consider the long-term benefits

Staying on top of cyber security requires the right talent with the right skills. However, according to the WEF’s annual Global Cyber Outlook released at Davos, the cyber security skills shortage will remain a big challenge in 2023. The impact of this will be felt throughout supply chains. Despite the near-term talent shortage, the benefits of implementing APIs now should pay off in the long term.

A major advantage of APIs is that they reduce the need for manual input, which in turn means fewer administrative or human errors, Brüggeboes points out. APIs also allow businesses to communicate more effectively with other stakeholders in their supply chains, helping them to stay on top of disruptions and then execute responses more efficiently, quickly and cost-effectively.

After a few years of delays and unpredictability, businesses will be under pressure to ship and deliver to customers on time. Speed will be of the essence and having access to data from all endpoints in their supply chain will be vital.

As Fowkes puts it: “If businesses can use historical demand to understand demand and capacity for today and tomorrow, they can steer products and goods through the complexity of the supply chain.”