Ashley Smith
21 May 2024
TAZAAR’s Security Journey with the 'Secure Innovation Security Review' Programme
At TAZAAR, the security of our digital identities and traceability solutions for high-value electronics is paramount. As we continue to navigate the dynamic landscape of cybersecurity, we are proud to share the positive outcomes and advancements resulting from our participation in the Secure Innovation Security Review programme, backed by the UK's National Cyber Security Centre (NCSC) and National Protective Security Agency (NPSA), and supported by security & risk consultancy Linton Dragon Ltd.
Strengthening Our Security Framework
TAZAAR was put forward for the programme by Innovate UK Growth due to our role in the secure handling of commercial, personal and supply chain data. The comprehensive review, completed in March, provided us with invaluable insights into our security posture. Here are some key takeaways and the strides we’ve made since then:
Recognised Strengths:
Security Culture: With two of our three executives having military backgrounds, we possess a robust security culture and a high level of security awareness.
Physical Security: Minimal physical security risks due to multi-layer site access controls.
Technical Measures: Our use of Cloud infrastructure provides a solid foundation for organic technical security.
Key Findings and Progress
Cybersecurity Focus: Given our secure physical environment, the primary focus is on mitigating cyber threats. We recognise the potential for cyber attacks from competitors, hackers, and malign actors targeting our sensitive product and client data.
Cloud Infrastructure: The review highlighted the risk of vulnerabilities in our back-end cloud configuration. Since then, we have enhanced our cloud security protocols, ensuring robust assurance verification processes are in place.
Home Working Environment: The potential risks associated with domestic wireless and IOT technologies were identified. We have since implemented stricter security measures for home working setups and portable devices.
Third-Party Integrations: Our integrations with third-party CRM and ERP systems introduces new security considerations. We have adopted stringent vetting and continuous monitoring practices to ensure the security of these integrations.
Global Expansion: As we expand into the EEA, we are proactively aligning our operations with regional Data Residency and Local Privacy Laws. This will ensure compliance and protection of our global clients' data.
Continuous Improvement
While the review acknowledged our strong foundation, it also highlighted areas for enhancement. With board-level buy-in, we have swiftly acted on the recommendations, making significant progress in our security posture. Our commitment to continuous improvement ensures that we remain at the forefront of cybersecurity, protecting both our intellectual property and our clients’ data.
Looking Ahead
TAZAAR stands at the cusp of an exciting journey. Our early foothold in a relatively uncontested market positions us for significant growth. By fortifying our security measures and addressing potential vulnerabilities, we are not only protecting our assets but also instilling confidence in our stakeholders and potential investors.
We are dedicated to maintaining our position in the market through relentless focus on security and innovation. Participating in the NCSC- and NSPA-backed Secure Innovation Security Review programme has been instrumental in this pursuit, and we are grateful for the guidance and support it has provided. Next, we are aiming to achieve Cyber Essentials Plus certification.
Stay tuned as we continue to evolve and enhance our security capabilities, ensuring that every product's story remains secure and trustworthy.
Find official guidance on maintaining security within your own organisation here.
#CyberSecurity #SecureInnovation #DigitalIdentity #TAZAAR #NCSC #NSPA #DataProtection #Innovation #BusinessGrowth