BlackBerry has successfully transitioned from being a smartphone vendor to something very different. They still have the leading operating system for automobiles and nuclear power plants (QNX), which is arguably (and has to be) the most secure in segment. The have a variety of mobile management and security solutions, and they still are connected to my favorite smartphone (which we don’t talk about) the Key2.
However, this week, they announced a new US subsidiary in order to deepen ties with the US government and help improve our security. Given the number and depths of the leaks we have, particularly in the US military, this new subsidiary could be critical to the long-term health and viability of the United States because, currently, we are bleeding defense-related information at an alarming rate.
Let’s talk about why this new subsidiary is important to both BlackBerry and particularly important to the US government.
Dealing with the US Government
For a brief period of time I did government contract audits for IBM and I learned that this was not an area that I even remotely enjoyed. The US government can fill buildings with paperwork and requirements, while demanding “most favored nations” clauses that demand they get the lowest price. So, they are more expensive to deal with than private industry, by a considerable degree, and they typically given you some of the smallest profit you’ll likely get. Fortunately, contracts tend to be huge so, as long as there is a profit (and often there isn’t) you can sometimes make decent money on volume.
If you are an overseas vendor, the requirements go up and you are at a disadvantage against domestic vendors which are often given advantages in bidding. This means you generally need to have a domestic subsidiary that can present as a native company if you want any chance of winning a bid and actually making money after you deliver the solution.
Now, if you are going to build a subsidiary to do this you need to have it heavily staffed-with people that know how to deal with the US government with the best practice being to hire someone who had a management position in it. BlackBerry did exactly that by hiring retired Coast Guard Rear Admiral Robert “Bob” Day to run their operation.
Bob’s new organization can now better isolate solutions being created for the US government—and particularly the US military—to avoid the concerns that a foreign government, even Canada, is exerting undue influence on the result. (This is likely something Huawei will eventually figure out they need to do as well). This also allows them to comply with ever more aggressive requirements like the Federal Risk and Authorization Program (FedRAMP) and Agency/Component Authority to Operate (ATO) Certifications.
FedRAMP is a US government wide program that provides and mandates a standard approach to security assessment and authorization and provides continuous monitoring for cloud products and services utilized by federal agencies. This do-once, use many times, framework potentially reduces an estimated 30 to 40 percent of related procurement costs while reducing substantially the resourcing (staffing) and time needed to do security assessments. As we move to an IoT world, even in the US government, it is programs like this that help keep the related costs from going vertical.
In short, this subsidiary should be vastly better at selling into the US government with the likely result being far fewer and less damaging breaches going forward.
John Chen, BlackBerry’s charismatic CEO, has executed well again by creating a unique solution to what was undoubtedly a painful trend in the US government to lock out foreign vendors even from countries as friendly as Canada. This new subsidiary should be able to deliver BlackBerry solutions faster, at a lower cost, and at a higher profit than BlackBerry corporate can now do, and this sets an example of a best practice for dealing with any government but particularly the US government because most all favor local companies.
This should lead to a more successful BlackBerry, and more importantly, a more secure US government, and particularly, a more secure US military.
*** This is a Security Bloggers Network syndicated blog from Security – TechSpective authored by Rob Enderle. Read the original post at: https://techspective.net/2019/03/15/blackberry-moves-to-strengthen-ties-with-the-us-government-thank-god/