Citation Edit

Auto-ISAC, Automotive Cybersecurity Best Practices (July 21, 2016) (full-text).

Overview Edit

This publication provides individual automakers (manufacturers and their suppliers) guidance on implementing cybersecurity in their vehicles. The Automotive Information Sharing and Analysis Center (Auto-ISAC) released this best practices document covering organizational and technical aspects of vehicle cybersecurity, including governance, risk management, security by design, threat detection, incident response, training, and collaboration with appropriate third parties.

This document calls on automakers to design software to be secure from the ground up and to take a careful look at risks to connected vehicles as part of the design process. Automakers are urged to test for and respond to software vulnerabilities, to develop methods for assessing and fixing security vulnerabilities, to create training programs, promote cybersecurity awareness for both information technology and vehicle specific risks, and educate employees about security awareness.

See also Edit