Cloud computing and software as a service present a special challenge to agencies trying to get a handle on their supply chains. Yet, a cloud-hosted supply chain risk management (SCRM) solution can also give agencies deeper and wider visibility into their supply chains.
That’s according to Cameron Holt, president of government solutions for Exiger. “Cloud computing allows us to really focus our investment and energies on delivering deep, rich and wide supply chain risk management solutions, rather than having to concentrate on the infrastructure,” Holt said during Federal News Network’s DoD Cloud Exchange 2024.
Data is crucial to effective supply chain risk management, he said. Beyond an agency’s own data about its suppliers, supply chain analysis requires the kind of data that could point to problems such as shell companies or entity-level information — for example, whether a single company uses multiple names.
“Exiger really concentrates on consuming massive amounts of data worldwide, both open source and very customized sources of data, to include data from our clients,” Holt said.
The retired Air Force major general said that as a contracting executive, he used this data analytic technique at the service to see into the supply chain for manufactured medical products during the pandemic. “We did not award a single bad contract out of hundreds of contracts awarded, some of them quite large,” Holt said.
To deepen its SCRM offerings Exiger acquired a company called Ion Channel. That integration gives Exiger the ability to “see where the software came from in its various pieces and do the illumination of software bills of material, which is becoming increasingly important,” he said.
Why to use cloud-based AI for SCRM
Holt urged agencies to get past what he called the government’s gun-shyness about adopting SaaS more widely. One reason? The variety of artificial intelligence services hosted in clouds.
“For supply chain risk management, it’s more beneficial to understand it all the time and have it continuously monitored with the best AI out there,” he said.
Holt added that SaaS products can benefit other cyber capabilities too:
Speed engineering design: For instance, an agency could use digital twins in the manner of F1 racing, where “you can do literally thousands of design iterations with the entire supply chain in a government reference architecture and understand how your changes are going to show up on the manufacturing line.”
Keep pace with bad cyber actors: “Increasingly, as we face very sophisticated adversaries around the world, we need to understand which capabilities we should invest in that really move the needle in return on investment versus adversary capabilities.”
Bring new capital and nontraditional vendors to the defense market: Holt described what he called practice fields, “where you can have venture capital firms that actually have physical locations that are cleared facilities.” The facilities could host “defense contractors, large and small, and also nontraditional contractors to design their own defense products using the toolsets for digital engineering and digital twinning.”
Ultimately, ROI comes from cost avoidance, he said. Cloud computing and SaaS that includes the latest engineering and AI tools will let the government “not try to reinvest or duplicate the cost of hundreds of millions of dollars that have gone into these sophisticated solutions.”
By taking advantage of that investment, “there’s going to be a lot more focused investment from the government in important areas, not just supply chain risk management, but in areas that don’t exist today like funds to actually mitigate those risks,” Hold said.