Governance & Risk Management , Security Operations
BlueVoyant Raises $140M, Buys Resilience Firm Conquest Cyber
Deal Will Expand BlueVoyant's Footprint in US Government, Defense Industrial BaseBlueVoyant has purchased an adaptive risk management vendor led by an Army veteran to expand its SaaS footprint with U.S. government and defense industrial organizations.
See Also: 2024 State Of Identity Security in Financial Services
The New York-based managed detection and response vendor said its acquisition of Nashville-based Conquest Cyber will allow BlueVoyant to provide cyber risk maturity and compliance assessments to both federal and commercial customers, said CEO Jim Rosenthal. Existing Conquest clients, meanwhile, will benefit from BlueVoyant's external supply chain defense capabilities, said President Jeff Engle.
"We're kind of like peanut butter, and they're like jelly; when we come together, it's a better outcome," Engle told Information Security Media Group. "It made a lot of sense for us to be able to accelerate some of the things we do really well and take the capability we've built global. At the same time, it's providing something better to both the government sector and the industrial base."
BlueVoyant raised more than $140 million of Series E funding in connection with the Conquest Cyber acquisition despite being well-funded before the deal with a $250 million Series D round completed just 21 months earlier. Private equity firm Liberty Strategic Capital and cybersecurity advisory ISTARI led the Series E funding round after separately spearheading the Series D and Series C investments, respectively (see: BlueVoyant CEO on How to Remediate Supply Chain Defense Bugs).
What Does the Conquest Integration Plan Look Like?
Conquest Cyber was founded in 2008, didn't raise any outside funding, and has been led since July 2018 by Engle, who spent nearly nine years in the U.S. Army Special Operations Command. All 100 Conquest employees joined BlueVoyant upon the close of the acquisition, and Engle will lead the company's joint government business going forward.
"We've achieved what I consider to be pretty incredible growth without external investment," Engle said. "But the problem is big enough that there's really no choice other than to accelerate the market adoption of our approach and solution."
Engle plans to unify BlueVoyant and Conquest's platforms over the next six months while maintaining sovereign tech environments for the United States and globally to ensure the federal government can store data locally. The integration will capitalize on artificial intelligence, machine learning and virtual data lakes to offer customers more self-service capabilities and deliver more autonomous operations.
"When we come together, it's a better outcome."
– Jeff Engle, chairman and president, Conquest Cyber
Conquest's existing U.S. government clients today enjoy holistic internal cyber defense via continuous configuration management, managed detection and response and compliance and risk management, Engle said. Becoming part of BlueVoyant will illuminate what the external supply chain looks like for these organizations, allow them to identify potential risks and tie that into Conquest's internal defense.
"For our government customers, this is huge," Engle said. "I know supply chain risk management is top of mind for everyone, and it's been a priority as well for all the software providers."
How Will BlueVoyant Customers Benefit From the Deal?
BlueVoyant's commercial managed defense and response customers, meanwhile, will benefit from Conquest's cyber risk maturity and compliance assessments, Rosenthal said. Conquest will assume responsibility for BlueVoyant's state and local government customers going forward, while BlueVoyant will be tasked with taking Conquest's cyber maturity assessment to commercial customers globally.
"In terms of our ability to serve clients, the combined capability was better than either individual capability," Rosenthal said.
Conquest's defense industrial clientele is primarily focused on larger organizations such as the Defense Department's combat and command units, but the company also serves municipal police departments and energy utilities, Engle said. BlueVoyant, meanwhile, gets most of its MDR revenue from customers with more than 25,000 endpoints, while its supply chain defense clients have at least 50,000 endpoints.
From a metrics standpoint, Rosenthal said, BlueVoyant will focus on revenue, profitability, customer penetration on a sectoral basis and the effectiveness of its selling and retention efforts. BlueVoyant is particularly focused on capturing revenue synergies from the acquisition, which Rosenthal said are equivalent in size to the amount of stand-alone revenue Conquest brings to the table today.
"We're going to be able to take those capabilities we've built for the most sophisticated and well-resourced environments within the U.S. government, translate them to be a commercial enterprise and take it globally," Engle said. "I think that that's going to go much further, much faster as we come together and it gets adopted by thousands of organizations rather than just hundreds."