top of page

IoT and Agile product security development - Basis Case Study

Tom Britton

Innovative cleantech start-up Basis recently engaged CyberTeam to help them develop a Product Security Architecture, to incorporate into their product design process. 


Basis product will be a game changer in regards to home electrical safety. Their home surge protection will keep devices & gadgets safe. Reducing the chance of electrocution by up to 80%, with total home electrocution coverage. Working with NZ startups like this is always a pleasure.


Introduction

The complexities of the Basis solution and infrastructure meant a traditional approach to cybersecurity would not suffice to give the necessary assurance.

One of our founding partners, Tom Britton, discussed the impact our work had with the Basis team with Eric Luo, Cloud Architect and Brendon Hale, CTO.




 

Q&A


Can you describe the challenges you were facing before partnering with CyberTeam for security architecture work?

Basis is in a somewhat unique hardware-software product ecosystem that proved difficult for other security vendors to fit their products around. As an early-stage start-up, working around tight deadlines and strict resourcing constraints, we identified an opportunity to assess our architecture roadmap against both entrenched industry security controls and modern IoT attack vectors to ensure the security and resilience of our product at launch.


How did our team's understanding and application of the relevant standards impact the security and delivery of the solution?

Cyberteam were willing to engage early in the design lifecycle, long before we had committed to architectural decisions, and worked with us to understand our products' use-cases and features prior to design.  By then mapping IEEE 62443 standards against cybersecurity risk controls using STRIDE modelling, CyberTeam produced a series of detailed threat assessment artefacts that effectively captured our current cybersecurity standing as well as driving home a holistic roadmap of mitigations. This saved the organisation countless design and engineering hours, thereby streamlining delivery and greatly minimising the exposure of our product and services.


Can you discuss our team's approach during the project?

We embarked on the project with a large number of unknowns and assumptions that needed to be worked through. CyberTeam's dynamic solution, agile project management, and ability to execute under fast-moving conditions was key to guiding us through the complexities and delivering a game-changing result for Basis.


How do you feel about the level of collaboration between your team and CyberTeam?CyberTeam was able to come in and quickly establish multiple levels of communication cadences as well as form effective working relationships across the organisation. This was critical for engagement with key stakeholders and lead engineers enabling CyberTeam to design around and adapt to business and product requirements.


What benefits did our agile, collaborative, and innovative approach bring to the project?

Basis operates across industries that have historically struggled to keep up with evolving cybersecurity threats, presenting both a challenge to integrate into but also an incredible opportunity to lead by example. CyberTeam brought fresh ideas and innovative solution designs to the table, combining operational safety with cybersecurity protections, giving our product a keener edge to disrupt the incumbents.


How have you benefited since the project? Has there been a measurable improvement in your cybersecurity posture?

With the roadmap contributions from CyberTeam, we are already seeing key cybersecurity risk controls and mitigations being incorporated into delivery milestones. And while we still have some specific scenarios to work through, the product's cybersecurity posture is remarkably improved, inspiring further confidence from our partners and customers.


How relevant do you think the skills and approach exhibited by CyberTeam would be for future projects?

We have already begun scoping up more projects spun out of the initial assessment for CyberTeam to help Basis deep-dive into specific mitigations and solution areas, which is reflective of their holistic approach and how well they've upskilled and adapted to a niche engineering problem space.


Would you recommend CyberTeam to your peers and why?

CyberTeam is an awesome trusted cybersecurity partner because of their amazing working culture and attention to detail in their delivery and execution.


 

You can read more about Basis’ game-changing smart panels at wearebasis.com


To hear more about what CyberTeam can do for your organisation, drop us a line at info@cyberteam.co.nz* 

133 views
bottom of page