When it comes to supply chains, people used to establish and maintain trust manually. Now in the digital age, as we move towards globalization, that’s no longer scalable nor reliable.
Rusty Cumpston and Jon Geater saw an opportunity to solve a huge supply chain trust problem and were inspired to build RKVST (pronounced as “archivist”), a platform aiming to bring integrity, transparency, and trust to digital supply chains.
RKVST enables all partners in the supply chain to collaborate and work with a single source of truth, which can be helpful for tracking nuclear waste, storing historical flight data to optimize aircraft flight plans, and much more. The company captures the identity of sources and origin of data, while using cryptography to enforce sharing and visibility rules, and distributed ledger technology to prevent tampering of evidence.
In September 2022, RKVST announced they raised $7.5M led by Ridgeline with participation from Acadia Woods, Cyber Mentor Fund, and Long Run Capital. We recently asked Rusty, the company’s Chief Executive Officer, and Jon, the company’s Chief Technology and Product Officer, to answer some questions about their journey so far and predictions for the future of supply chain technology and RKVST.
How did you become interested in supply chain resilience?
JG: I’ve been working in cybersecurity for a long time now and the crucial thing to remember about that discipline is that it’s not a thing on its own: Security tech and practice has to evolve and respond to changes in the global technology landscape.
As I’ve observed the world becoming more and more connected (in many senses of the word) over the years, the necessary response to this is to move beyond old fortress security models which try to keep everyone out, to one that can safely and securely support these interactions at the digital scale.
Turns out all of these are supply chain problems at their heart, whether dealing with airplane parts or digital twins or pure data.
I came to the realization that there is no such thing as 100% security in any real-world system. Through my experience working on some large and sensitive systems, the model I arrived at that worked best was enabling each player to make their own subjective risk judgment based on delivering reliable signals as quickly as possible. If you know you’re roughly 80% secure, you can move forward as a business. With the old models, if you live in blind hope that you’re 100% secure, then that’s pretty terrifying.
What inspired you to co-found a company?
JG: I got into blockchain early and tried out a couple of pilot projects within my large company that were quite successful, but not big enough to take forward as a product there (for reference, the main portfolio I was responsible for had revenues of several hundred million dollars, so new things have to immediately compete at that scale to get resources).
So when [my colleague] Krishna sold SecureThingz (STZ), it looked like the right time to take this forward and do what startups do best: Grow an idea that’s too challenging in some way for the established players. STZ does the step before what we do, and a successful exit for that proposition suggested that the market would soon be ready for what we were planning.
Why has trust become the biggest challenge in digital transformation and connected operations?
JG: Would you run your car on fuel you found lying around in a rusty can by the side of the road? Probably not. So when much of the engine of industry runs on the fuel of data, you need ways of knowing that the data you are taking from other people doesn’t introduce unnecessary risks to your operations.
Where did their data come from? Are they qualified to say this sort of thing? Can I use this data to make a critical decision? Can I justify all these choices to my auditor later if something goes wrong?
Unfortunately a lot of technological effort in the past 40 years has gone into NOT trusting people and locking the data away, so in the absence of good technology people establish and maintain trust manually. Now is the time that’s no longer tenable. The scale has passed its tipping point.
Tell us about your team: Who’s on it, and how did you meet?
JG: Rob Brown and I met a long time ago when we were on the leadership team of the ARM (semiconductor design company) Secure Services Division, and we later went on to be founders of Trustonic, an embedded secure computation company. So we knew each other and kept up from time to time, and became interested in blockchain at similar times to solve similar problems. I was frustrated that PKI and encryption weren’t delivering what I needed for safety and security of large cyber physical projects, and Rob was finding similar problems with traditional digital identity tech working for IoT.
Another ARM connection links us to Krishna, since his co-founder at STZ was a colleague of mine and Rob’s from our ARM days. I knew STZ well since they were actually a customer of mine at Thales and used our hardware security modules (HSMs) in their solution.
RC: I was an early investor in Krishna’s SecureThingz company which provided a great return and also some keen insight on an opportunity to solve a huge supply chain trust problem. I’ve been building new companies for most of my career, and they’ve all had a key ingredient which is a super talented technical founder addressing a big market need. When Krishna introduced me to Jon, I wanted to be the first investor check into RKVST. There’s a huge trust problem with digital supply chains today that can’t be solved with traditional processes. I was very excited when Jon, Krishna, and Rob asked me to join them in building the business.
JG: Then in the wider team I was lucky to be able to bring on some really strong experienced talent from my former teams: I explained the idea, they loved it, and the original team came with me.
Were there any lessons learned while raising your $7.5M Series A?
RC: I’ve raised multiple Series A rounds in my career, and this one was unique for multiple reasons. Market conditions were changing as we were talking with investors, and significant supply chain trust issues were increasing. Though the broader economic market changed, the interest from investors for high return opportunities with proven teams created a lot of interest in the RKVST Series A. The Ridgeline team and their investment thesis on supply chains proved to be a great match, and we’re very excited to be working with them to build a great business.
Where do you see supply chain technology headed in the near future?
JG: Currently platforms are very siloed, and all the sensing, data storage, and logistics business logic are bundled up together. As more digital twin, multi-stakeholder, and pure digital supply chain use cases (like AI models, software supply chain, insight calculations) arise, there will be a need to consciously split the physical from the virtual, and the data itself from its provenance metadata. We will be ready and waiting with that trust fabric later when they’re ready.
What does success look like to RKVST in the short term and long term?
JG: In the long term we will be winning the battle in a thriving market of data attestation and V&V platforms for all digitally-enabled industries. The world needs to take data integrity much more seriously than it currently does, but it’ll take time for our architectural model and supply chain integrity, transparency and trust (SCITT) to become mainstream. But it will come: Just as people cannot live without the padlock on the browser today, they won’t be able to live without the blue tick on all their imported data and supply chain artifacts in the future.
Why not try RKVST for yourself for free
This article was originally published at ridgeline.vc.