Cybersecurity platform vendor BlueVoyant has acquired 202 Group as it targets US federal government supply chain. 202 Group has two separate platforms 202scrm and 202scout. BlueVoyant plans to integrate the 202scrm with its cyber-risk management platform. The result will be the BlueVoyant Supply Chain Command.
Jim Rosenthal, CEO of BlueVoyant, said: “Simply put, there is nothing like this on the market. The US federal government has implemented policies and procedures to ensure the security of its myriad supply chains. We are proud to join in this effort by delivering advanced technology solutions backed by elite experts with the knowledge needed to help reduce risk to government entities and their mission-critical programs.”
What will the BlueVoyant Supply Chain Command deliver?
BlueVoyant is describing it as the “most comprehensive supply chain risk management solution in the market with capabilities designed to manage strategic, cyber, operational, tactical, financial, and compliance risks.”
It’s a grand claim and one that BlueVoyant believes it can back. It has listed five things that the new platform will deliver:
- End-to-end, third-party cyber risk management designed to proactively identify cyber risks in agency-wide and program-specific vendor ecosystems and proactively remediate issues before threat actors can exploit critical vulnerabilities
- Discovery and mapping of third- and fourth-party vendors in agency supply chains using advanced machine learning capabilities
- Geo-specific industrial base reporting to help government entities better understand risks in their supply chain based on geographic factors including adverse weather conditions, natural disasters, and climate change
- Identify foreign adversaries’ investment into or control of suppliers that could increase the risk of IP theft, industrial sabotage, and espionage
- Vendor viability monitoring to continuously check financial and contract performance risks including layoffs, bankruptcies, lawsuits, and other indicators
The features appear to be very wide-ranging. The question is how well they can be mapped to the often complex environment of a government supply chain. That is because government supply chains differ by department. What is used by the general administration does not work for the military. Similarly, other branches will have their own suppliers and control systems. Can BlueVoyant make its Supply Chain Command flexible enough to meet all requirements?
Also missing here is any mention of the 202scout platform. Will that be absorbed into this solution, or will it be phased out?
Enterprise Times: What does this mean?
Acquiring 202 Group will accelerate BlueVoyant’s US federal government business. It will also have potentially significant benefits for its commercial customers. By working with the federal government, it will have earlier and greater insight into new compliance controls. It will be able to use that knowledge to ensure its other compliance solutions are updated quickly.
Another benefit is scale. Government supply chains, especially those around military equipment, dwarf the supply chains of any individual company in scale and complexity. They also integrate with those suppliers, large and small. 202 Group talks about seeing the fifth and sixth tier of a supply chain, yet BlueVoyant only talks about third and fourth-party vendors. It seems a missed opportunity.
If BlueVoyant can also provide its Supply Chain Command to some of those large suppliers, such a Boeing, it can then have visibility down to the seventh, eighth or even deeper level. It will also see a much more diverse set of downstream suppliers. From a security perspective, that is a level of knowledge that would be hard for BlueVoyant’s competitors to match. It would also give BlueVoyant a vast knowledge and intelligence base to build new solutions.
As a cloud-native business, can BlueVoyant adapt its solution to also attract those mid-sized suppliers? If so, that depth and breadth of vision across the supply chain gets even larger.
Overall, this is a good move by BlueVoyant, and it will be interesting to see how much additional business it brings in.
