The dependency of the world’s PC makers on a steady supply of chips from Taiwan is highlighted by tensions in the seas surrounding the island this month. CIOs should take note. Credit: Shutterstock Taiwan’s semiconductor factories, the source of many of the chips used in the world’s PCs, servers, and mobile phones, operate under a constant threat of disruption. The threats are both geological (earthquakes frequently force high-tech plants to shut down despite them being built to withstand seismic shocks) and geopolitical: China considers Taiwan to be part of its territory and has repeatedly said it aspires to the “complete reunification of the motherland.” It regularly illustrates its seriousness about reunification by holding military exercises in the seas around Taiwan, including a mock blockade and land bombardment earlier this month. The US doesn’t have official diplomatic ties with Taiwan, but its Taiwan Relations Act requires it to provide the island with the means of self-defense. The day after China’s exercises concluded, the US began a series of joint military exercises with the Philippines. The drills, running through April 28, include a live-fire attack on a ship and maneuvers in the South China Sea opposite Taiwan. Against this backdrop of preparation for conflict, a new study by the Center for European Policy Analysis (CEPA) highlights how the world’s reliance on Taiwan’s semiconductor manufacturing capabilities exposes it to critical supply-chain vulnerabilities. In “Confronting China and Catching Up on Chips,” the Washington, DC, think tank notes that, while the US may be the source of many of the most advanced chip designs, the bulk of the manufacturing happens in Taiwan. “A Chinese naval blockade of the island, or an outright invasion, would immediately cut off supply of nearly all current production SoCs (systems on chips) designed by the likes of Qualcomm, Broadcom, and Nvidia and supplied by them to Apple, Samsung, Dell, HP, etc.,” the study says. Taiwan inside Even US chip firm Intel could be affected. It’s a rarity among the big semiconductor brands in that it has its own fabs, as chip factories are called, to make the chips it designs—but it also outsources some of its most advanced production jobs to fabs in Taiwan. South Korea’s Samsung, too, has its own fabs, although the Exynos chips it makes for mobile phones use designs from Arm, but AMD sold its fabs a decade ago and AMD, Nvidia, and Qualcomm have no fabs of their own. Instead, they rely on contract manufacturers known as foundries to make their chips. The largest foundry is Taiwan Semiconductor Manufacturing Co. (TSMC), which had a 58.5% share of the contract manufacturing market at the end of 2022, according to data from TrendForce. Samsung, too, does contract manufacturing, and has a 15.8% share of the market. Intel’s fledgling foundry business, launched in 2021, has barely a 1% share. Overall, TrendForce credited Taiwan with 66.9% of the world’s chip foundry business at the end of 2022, with South Korea at 16.7% and China at 7.3%. But at the top end of the market, Taiwan wields even greater influence: According to the CEPA report, it makes over 90% of the world’s most advanced microchips, those made with a highly sophisticated process technology of less than 10 nanometers. Network analysis CIOs need to work closely with chief supply-chain officers to understand their risk exposure in the Asia-Pacific region, says Koray Köse, Gartner’s senior director analyst for supply chain research. If your organization doesn’t yet have the necessary analytical tools, now is an excellent time to talk CEOs and CFOs into increasing investment in supply-chain risk management, he says. Those tools will help organizations understand whether they or their network of suppliers are reliant on raw materials, production capacity, or shipping routes in any potential conflict region. Start with your own organization and Tier 1 partners, and then, says Köse, “Determine the critical lower tiers’ vulnerabilities as effectively as possible using both supplier relations and technologies, like graph technology to uncover key chokepoints.” Chain reaction A lack of supply-chain visibility hampered organizational responses to disruptions caused by the COVID-19 lockdowns in March 2020, as well as the blockage of the Suez Canal when the container ship Ever Given ran aground in March 2021. The Suez incident highlighted the importance of knowing where the goods you rely on originally come from, and how they reach you. Each year around $1 trillion in freight passes through the Suez Canal, but the Taiwan Strait, between mainland China and Taiwan, is the most important transportation route globally, says Köse, with over $5.3 trillion in freight passing through it annually. Gartner’s 2021 Supply Chain Risk and Resilience Survey found that 70% of enterprises (and 83% of those with revenue above $1 billion) listed improving visibility among their top three priorities to manage risk in the supply chain. Barely half of companies had 90% visibility of even their Tier 1 suppliers; for Tier 2 and beyond, fewer than 4% of companies had such visibility. Looking beyond visibility Gaining visibility as far up the supply chain as possible is a key first step, says Köse, but it’s not the only action CIOs should take. Committing to key suppliers to secure needed volume can help, but he warns against irrational buying. “While safety stock could be nice to have, it’s largely wishful thinking when it comes to the semiconductor space,” and could needlessly tie up critical capital, he says. And Christopher Cytera, author of the CEPA report that highlighted the geopolitical risks to the semiconductor supply chain, says, “I do not think hoarding is the answer.” If you do buy up stocks, adds Köse, then it’s important to keep them close to where you want to use them: “Goods bought but left in the region may still be exposed to logistics bottlenecks.” He says CIOs should consider diversifying their suppliers to different geographic regions, but acknowledges this can be challenging when it comes to semiconductors since many products IT departments rely on contain chips that started their life in Taiwan. None of these tactics will eliminate supply-chain risk, though, Köse says. Ultimately, it’s about incrementally increasing the time you can keep things running and finding alternatives to concentrated sources of risk. Related content brandpost The steep cost of a poor data management strategy Without a data management strategy, organizations stall digital progress, often putting their business trajectory at risk. Here’s how to move forward. By Jay Limbasiya, Global AI, Analytics, & Data Management Business Development, Unstructured Data Solutions, Dell Technologies Jun 09, 2023 6 mins Data Management feature How Capital One delivers data governance at scale With hundreds of petabytes of data in operation, the bank has adopted a hybrid model and a ‘sloped governance’ framework to ensure its lines of business get the data they need in real-time. By Thor Olavsrud Jun 09, 2023 6 mins Data Governance Data Management feature Assessing the business risk of AI bias The lengths to which AI can be biased are still being understood. The potential damage is, therefore, a big priority as companies increasingly use various AI tools for decision-making. By Karin Lindstrom Jun 09, 2023 4 mins CIO Artificial Intelligence IT Leadership brandpost Rebalancing through Recalibration: CIOs Operationalizing Pandemic-era Innovation By Kamal Nath, CEO, Sify Technologies Jun 08, 2023 6 mins CIO Digital Transformation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe