BlueVoyant Supply Chain Defense

Additional Info

CompanyBlueVoyant
Websitehttps://www.bluevoyant.com/
Company size (employees)500 to 999
Headquarters RegionNorth America

Overview

BlueVoyant Supply Chain Defense (SCD) is a fully managed solution that identifies, validates, and mitigates critical cybersecurity issues in clients’ third-party ecosystems. This service is needed as clients struggle to defend against breaches from suppliers, vendors, and other third parties. According to BlueVoyant’s research 81% of organizations reported negative impacts from supply chain breaches over the past twelve months. Third-party breaches have made headlines across the globe because they lead to business interruption, data loss, and reputational damage. As companies’ internal networks are better defended, attackers have look to third parties as a way in, especially for persistent threats like ransomware. SCD helps solve these challenges in a cost-effective manner to improve overall cyber defense.

Traditionally, vendors in the third-party space offer scores for risks but leave it up to already overworked teams to work with vendors to mitigate the issue. BlueVoyant instead offers multiple tiers of continuous supply chain monitoring tuned to vendor risk levels. BlueVoyant offers an expert-led remediation and analysis powered by Risk Operation Center (ROC) analysts. The ROC is like a traditional SOC but focused on third-party issues. The ROC can call suppliers, vendors, and other third parties on clients’ behalf to fix issues quickly.
SCD also includes a highly customizable, AI-driven questionnaire platform to automate assessment creation and distribution, validating that supplier performance is consistent with responses. Traditionally, when a new vendor or supplier is onboarded, they are asked a point-in-time security questionnaire, but this is often unvalidated and not updated.
The service uses AI to protect customers from the latest threats. Whenever a new Zero-day is announced, BlueVoyant will alert clients whether they or any of their third parties are affected. Then, in as little as 90 minutes, BlueVoyant analysts will begin contacting customers’ third parties directly, identifying vulnerable instances and issuing mitigation guidance.

Key Capabilities / Features

BlueVoyant’s Supply Chain Defense is truly an end-to-end service to help solve third-party cyber risk management. The service can be used to onboard vendors and assess threats, the first step of any robust program. Then it is used to continuously monitor for vulnerabilities and issues. This is done in a proprietary way that analyzes massive amounts of data to detect abnormalities. Customers have flexibility to select the right type of monitoring for their vendor tiers, based on risk and business importance. When issues arise, BlueVoyant’s Risk operations Center analysts will work with vendors on the client’s behalf to mitigate issues quickly.


Another key feature is zero-day and emerging vulnerability alerting, which enables clients to find out about the most critical risks and vulnerable instances in their digital ecosystem in minutes, instead of days.


Supply Chain Defense is part of BlueVoyant’s Cyber Defense Platform, which aims to tackle the growing attack surface introduced by the ecosphere of third-party suppliers in addition to the need to defend internal networks. Integrating internal, external, and supply chain defense solutions into a single, cloud-native platform, this solution aims to measure and strengthen cyber defense posture cost-effectively, addressing the expanding mission of security operations teams. Currently, many organizations use many point solutions for their cyber defense, but this leaves them with too many alerts and no clear visibility. The BlueVoyant Cyber Defense Platform solves for this by having one vendor offer industry-leading cybersecurity solutions for multiple key areas, including third-party cyber risks management.


How we are different

AI to predict the severity of threats and find vulnerable instances: BlueVoyant has proprietary AI technology that can predict the severity of new zero-day threats quickly, so clients can react sooner. AI-powered analytics will predict and inform on severity scores for new CVEs at time of disclosure, allowing customers to better comprehend and prioritize the risk. At the same time, BlueVoyant analysts will begin contacting customers’ third parties directly, identifying vulnerable instances and issuing mitigation guidance. This is especially important as cyber attackers are exploiting new vulnerabilities in a matter of days. So clients need to react quickly to be one step ahead of attackers.


Working with vendors to fix issues quickly: BlueVoyant protects organizations’ digital ecosystems end-to-end to mitigate risks while other supply chain defense companies usually give scores or alert clients to threats without mitigation, leaving already overworked internal IT teams left to fix the problem. Instead, BlueVoyant can work with vendors on the clients’ behalf to fix issues quickly. BlueVoyant’s Risk Operations Center analysts assist customers’ security teams by monitoring and guiding their vendors and partners to ensure that their vulnerabilities don’t become customers’ issue. They provide customers with the most contextual information so that they aren’t left in the dark when it comes to third-party risk.


Questionnaire management: Questionnaires remain a critical part if third-party cyber risk management, but are often done in a very dated, point-in-time manner. BlueVoyant has modernized this process with a highly customizable, AI-driven questionnaire platform to automate assessment creation and distribution, validating that supplier performance is consistent with responses. Customers can now validate what third parties tell them and update the data more regularly to have a better sense of their threat landscape.


  • Vote for this Nomination
    (click the thumbs-up icon to cast your vote)

Promote this Nomination

Browse Award Nominations