How the Ukraine war exposed hidden supply chain risk

Executive overview

Most companies don't know who their tier 2 and tier 3 suppliers are — and the war in Ukraine made that ignorance costly. At least 300,000 global companies have been impacted, with software and IT among the most exposed sectors. Interos CEO Jennifer Bisceglie argues the solution is continuous mapping and monitoring, not annual surveys.

Supply chains built for "just in time" efficiency are structurally fragile. The shock of Ukraine-Russia sanctions is forcing a wholesale rethink of operational resilience.

The supply chain is now a brand and reputation issue — not just a logistics problem.

The scale of exposure

• Interos identified 190,000+ US firms with direct or indirect connections to Russian or Ukrainian suppliers
• 110,000 European firms are similarly connected
• Top 20 aerospace and oil and gas companies alone share over 1 million interrelated connections
• Software and IT account for 14% of US tier 1 connections in Ukraine, 11% in Russia
• Cybersecurity attacks through the supply chain rose 300% during this period

Tier structure: why proximity matters

• Tier 1: suppliers you have a contract with — you know them
• Tier 2: who your tier 1 suppliers rely on
• Tier 3: who tier 2 suppliers rely on
• A disruption at any tier cascades upward — one event among 20 connected companies ripples across 1 million+ relationships
• Many companies still tracked supply chains on Excel spreadsheets as recently as 2020

The bullwhip effect

• When severe disruption hits, large buyers hoard scarce materials (e.g. titanium, palladium, neon gas)
• Hoarding by major players starves smaller buyers reliant on the same sources
• The "whip crack" at the tail end of the supply chain can devastate companies that thought they were unaffected
• Pandemic was a slow ripple; Ukraine-Russia sanctions are a hard cut

What resilience actually requires

• Accept exposure as universal — no industry is safe
• Map the full extended supply chain, not just tier 1
• Shift from annual surveys to continuous, automated monitoring
• Build an operational resilience plan before a crisis hits — "when we get hit, not if"
• Diversify sources; give other markets (India, others) the opportunity to enter supply networks

The Interos I-score

• Monitors 350 million business entities across 220+ risk categories
• Scores six categories: financial, cyber, ESG, restricted countries, geopolitical, operational
• Aggregates into a single I-score with drill-down detail for action decisions
• Covers the company plus its next two tiers of suppliers
• Designed to alert only on material changes — avoids alert fatigue during high-volatility periods

The upside: a more resilient global economy

• Crisis is forcing companies to move beyond fragile "just in time" supply chains
• Diversification opens new market opportunities for India and other economies
• ESG and ethical sourcing are now mainstream — consumers buy based on supply chain provenance (e.g. Nike showing sneaker origin)
• Supply chain health is now a board-level discussion, reviewed at least twice a month
• Companies that build resilience now will hold a long-term competitive advantage