In-brief: An Automotive industry information sharing group has published Best Practices” document, giving individual automakers guidance on improving the cybersecurity of their vehicles.
The Automotive industry’s main group for coordinating policy on information security and “cyber” threats has published a “Best Practices” document, giving individual automakers guidance on implementing cybersecurity in their vehicles for the first time.
The Automotive Information Sharing and Analysis Center (ISAC) released the Automotive Cybersecurity Best Practices document on July 21st, saying the guidelines are for auto manufacturers as well as their suppliers.
The Best Practices cover organizational and technical aspects of vehicle cybersecurity, including governance, risk management, security by design, threat detection, incident response, training, and collaboration with appropriate third parties.
Taken together, they move the auto industry closer to standards pioneered decades ago and embraced by companies like Microsoft. They call on automakers to design software to be secure from the ground up and to take a sober look at risks to connected vehicles as part of the design process.