The automobile industry faces increasing challenges in addressing active cybersecurity threats and meeting the demands for enhanced automotive safety and resiliency. NHTSA’s “Cybersecurity Best Practices for the Safety of Modern Vehicles”, September 2022, identified workforce development and continuous education as crucial steps to improve automotive cybersecurity. Therefore, a systematic, comprehensive, and fully validated curriculum targeted explicitly at industry needs is necessary to guide motor vehicle cybersecurity training and education. The Auto-ISAC addressed that need through the ACT Program. The ACT Program is the outcome of careful and extensive work. It has mapped the requisite fundamental and advanced automotive cybersecurity best practices, standards, and regulatory knowledge and created a unified solution.

Design and Development of the ACT Program

• The Automotive Cybersecurity Training (ACT) Team conducted research on existing vehicle cybersecurity training and education from across the globe. 

• This information was reviewed within the Auto-ISAC membership.  Members provided feedback on the curriculum and course array for the ACT Program to ensure it is in line with their needs and the overall transportation industry. 

• Auto-ISAC established a Tiger Team who met regularly to support the development and oversight of the curriculum and to select trainers. 

• The Auto-ISAC Tiger Team helped select the trainees, both experienced and novice cybersecurity employees, to attend the pilot program to ensure that the courses met the current needs of the industry.

• Surveys from the Alpha and Beta pilot were used to determine any course corrections for the training and will be continued to ensure that the ACT will remain current in the changing landscape of cybersecurity.

• In 2024, one year after launching the Fundamentals courses, a new Tiger Team was formed to review materials and confirm they are current and accurate. The courses launched on Auto-ISAC’s own Learning Management System where new testing and labs were added to increase program value.

• A comprehensive “Test Out” was added to determine if a learner can skip the Fundamentals Learning Track entirely and move onto the Advanced courses.

• The Advanced Learning Track is being re-designed and developed as a blended learning or hybrid program. The four courses will sit on the LMS and a one-week, intensive, in-person lab will complement the offerings. This new version of the Advanced Learning Track will be released in 2025.