A.P. Moeller Maersk reported its second quarter financial performance this week, and the results included two important signposts for industry supply chains. One relates to validation of the current rise in ocean container transport rates in the current shipping environment. The other is a stark reminder of the potential monetary risks related to cybersecurity. 

The transportation conglomerate’s financial performance headline included an overall $269 million second-quarter loss, fueled primarily by the write down of the firm’s tanker and port operating assets. Revenues reportedly increased 8 percent to $9.6 billion.

The operating unit Maersk Line, the leading ocean container line, performed with $6.1 billion in revenues, an increase of 21 percent and contributed a reported $327 million in profit. Both East-West and North-South segments were reported as profitable in the quarter, with demand outgrowing available capacity for the third consecutive quarter.

CEO Soren Skou indicated to the Financial Times: “We have the strongest fundamentals for container shipping since the financial crisis.”  That translated to an average 22 percent rise in freight rates in Q2, a trend that Supply Chain Matters alerted readers to in both May and June commentaries. Once more, Skou forecasted added industry consolidation observing that smaller lines would not be able to compete with the larger players which are now grouped among three operating alliances to pool capacity and port calls. Mr. Skou went on to observe that while three years ago, there were 20 global shipping lines, now there are 11, and his prediction that in the future, there will be five or six.

The above quantitative data, ladies and gentlemen, is once again the reinforcing signposts of ongoing industry consolidation that favors carriers over shippers. Industry supply chains have likely begun to experience increased ocean freight costs. With the peak shipping period still underway, those cost increases will likely impact operating budgets through the end of this year and into next year. The current industry alliance networks are now the means to leverage rates.

 

Quantified Impacts of Cyberattack

On June 27th, many European and global companies, Including A.P. Moeller Maersk were impacted by a NotPetya malware, which penetrated existing systems via a Ukraine tax system software application.  The shipping conglomerate’s Q2 performance included initial estimates of the impact, although the bulk of monetary impacts will be reflected in Q3 results.

The cyberattack specifically impacted the container related businesses of Maersk Line, APM Terminals and Damco. Cascading system shutdowns paralyzed at least three shipping terminals resulting in the use of manual work-around procedures. Reports at the time indicated that customer calls to terminals were not answered and shipping clerks had little if any capabilities to book or trace container shipments.  Emphasized was that no data breach or data loss to a third party occurred and that full control of vessels was maintained throughout the impacted period.

CEO Skou indicated that it was two weeks before business volumes could be returned to normal levels. He estimated that Maersk Line lost the opportunity towards shipping 70,000 40-foot containers during the first two weeks of July as shipping customers were forced to use other carriers. As a result, he estimates that the attack will cost his firm in the range of $200 million and $300 million, with the hit expected to be in Q3 reporting. He praised customers and suppliers for their collaboration and support during the disruption indicating that many customers took the view that such an incident could have well impacted their business.

Maersk is now in the process of continuing to strengthen its IT security and harden defenses including the ability to isolate cyber-attacks and recover systems and applications faster.

Supply Chain Matters submits a takeaway that with so many industry supply chains and supporting IT organizations being called upon for additional cost cuts, added efficiencies, or zero-based budgeting approaches, organizations can often lose the broader perspective of exposing or adding vulnerabilities to a cyberattack as well as the capability to quickly respond and restore mission critical operations.  Upgrading aging operations support systems and applications security is contrasted to in this specific case, hundreds of millions of dollars in potential impacts to the business. There is also building evidence that hackers understand the specific process vulnerabilities of manufacturing focused supply chains and are specifically targeting such vulnerabilities for ransom.

Many CFO’s when educated to such tradeoffs, would opt towards increasing systems security and business continuity response needs. One would certainly hope that was the case, but these are extraordinary times in business.

We value additional reader thoughts and perspectives.

Bob Ferrari

© Copyright 2017. The Ferrari Consulting and Research Group and the Supply Chain Matters® blog. All rights reserved.