Advertisement

Auto makers’ ISAC out with cyber best practices guide

The Information Sharing and Analysis Council for the motor vehicle industry published a set of cybersecurity best practices Thursday.
(Getty Images)

The Information Sharing and Analysis Council for the motor vehicle industry published a set of cybersecurity best practices Thursday.

The Auto-ISAC guidance recommends a fairly standard set of precautions — baking in security at the earliest stages of software development; standardized risk management procedures; proactive network defenses; and incident response planning, among others.

‘It’s a high-level document,’ said Jon Allen, a principal at Booz Allen Hamilton and acting executive director of the Auto-ISAC.

He said there would be more detailed ‘playbooks,’ bearing down on individual areas such as risk management. ‘This is what the industry needs to focus on as it prepares the playbooks,’ he said.

Advertisement

He said the best practices ‘will be updated as the threats evolve.’

‘This isn’t a ‘check the box’ exercise,’ he said, ‘It’s not about compliance.’

The aim is to develop ‘a culture of cybersecurity’ in the member companies. ‘You can’t engineer your way out of this,’ he said. ‘Every time you improve your security, the adversary adapts. The only solution was a culture where security was ‘baked’ into everything.’

Shaun Waterman

Written by Shaun Waterman

Contact the reporter on this story via email Shaun.Waterman@FedScoop.com, or follow him on Twitter @WatermanReports. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at CyberScoop.com.

Latest Podcasts