The Education and Training Standing Committee (ETSC) is committed to strengthening member capabilities and advancing industry resilience. This is achieved by designing and delivering robust training programs tailored to meet the evolving needs of our members and the automotive cybersecurity community.

ETSC initiatives are grounded in Auto-ISAC’s best practices, enriched by the collective expertise of our members, and shaped by real-world lessons learned. By fostering a culture of continuous learning and collaboration, the ETSC empowers members to stay ahead of the curve, ensuring the automotive industry remains resilient in an ever-changing threat landscape.

The Finance and Audit Standing Committee (FASC) serves as a key advisory body to the Board of Directors and Executive Director, ensuring the organization’s financial health and sustainability.

The FASC is responsible for overseeing budget development, monitoring financial performance, and providing strategic guidance on fiscal matters. Through diligent financial planning and oversight, the committee ensures resources are allocated effectively to support the organization’s mission and long-term goals. By fostering sound financial stewardship, the FASC helps to secure Auto-ISAC's ability to deliver value to its members and the industry it serves.

The Information Sharing Standing Committee (ISSC) is dedicated to advancing proactive and efficient information-sharing practices among members. By fostering real-time collaboration and communication, ISSC enhances members' situational awareness and empowers them to respond swiftly and effectively to emerging cybersecurity threats.

The ISSC focuses on identifying, refining, and implementing best practices for sharing actionable intelligence within the automotive ecosystem. By prioritizing trust, transparency, and collaboration, ISSC drives the continuous improvement of the Auto-ISAC's information- sharing framework, solidifying its role as a critical resource for the automotive industry’s cybersecurity resilience.

The Membership and Benefits Standing Committee (MBSC) plays a vital role in shaping and strengthening the Auto-ISAC membership. With a focus on fostering engagement, growth, and collaboration, the MBSC ensures that members derive maximum value from their participation in the organization.

The MBSC oversees membership activities, evaluates prospective new members, and provides recommendations to maintain a diverse and robust membership base. In addition, the MBSC spearheads initiatives to promote collaboration across the membership and partners, facilitating the exchange of knowledge, best practices, and innovative ideas to address the industry’s shared cybersecurity challenges.

The Commercial Advisory Group (CAG) serves as a collaborative forum for industry stakeholders to gain a deeper understanding of the commercial vehicle cybersecurity landscape. Its purpose is to bring together diverse perspectives and expertise to proactively identify, assess, and mitigate cyber risks facing the commercial vehicle sector.

By fostering communication and coordination across organizations, the CAG aims to ensure a more resilient and secure environment for the commercial vehicle ecosystem.

Automotive suppliers play a critical role in enhancing the cybersecurity resilience of the automotive industry, but their challenges often differ from those faced by original equipment manufacturers (OEMs). The Supplier Advisory Group (SAG) provides a dedicated venue for automotive suppliers to voice concerns unique to their sector and collaborate on issues that are distinct from OEM-level challenges.

Through the SAG, suppliers have the opportunity to engage in focused discussions, share insights, and develop strategies to address the specific cybersecurity risks and compliance requirements they face.

The Chief Information Security Officer Executive Working Group (CISO XWG) serves as a critical forum for Auto-ISAC Member CISOs, deputy CISOs, and executive personnel to engage in confidential, high-level discussions on the most pressing cybersecurity challenges facing their organizations and the automotive industry as a whole.

This group offers a trusted environment where top cybersecurity leaders can share insights, best practices, and strategic approaches to addressing complex security threats.

The European Working Group (EuWG) plays a critical role in supporting Auto-ISAC’s vision of one unified global organization, ensuring that our members benefit from a cohesive strategy that addresses their diverse needs. Central to the EuWG’s mission is the facilitation of rapid, global information sharing to address emerging cyber threats before they can spread across multiple regions.

By working closely with European Members, the group ensures that their unique cybersecurity challenges are addressed with tailored solutions and that Member benefits remain aligned with the region's evolving needs.

The IT/OT Working Group provides a dedicated forum for IT and OT cybersecurity professionals to collaborate and share knowledge on complex security challenges facing the automotive ecosystem. This group facilitates in-depth discussions on a broad range of topics, including emerging threats, vulnerabilities, security methods, and cutting-edge research related to both information technology and operational technology infrastructures.

By bringing together experts from both domains, the IT/OT WG enables members to explore and develop strategies to secure not only the digital components of the automotive ecosystem but the critical operational systems that support manufacturing, vehicle operations, and the broader supply chain.

The Japan Working Group (JWG) focuses on fostering communication and cooperation between Japanese companies and their U.S. based operations, ensuring alignment with the global goals of Auto-ISAC. The JWG works to bridge regional and cultural differences by leading, contributing to, and advocating for Auto-ISAC programs that benefit Japanese Member companies.

Through this collaboration, the JWG helps address cybersecurity challenges that are specific to the Japanese automotive sector, while also promoting the integration of Japanese cybersecurity best practices into the global Auto-ISAC framework.

The Legal Working Group (LWG) plays a key role in supporting Auto-ISAC by ensuring that members fully understand the legal protections available to them, encouraging trust and confidence in information sharing. The group works to clarify the legal frameworks surrounding cybersecurity information exchange, providing guidance on how Auto-ISAC members can collaborate more effectively while protecting sensitive data.

Through its efforts, the LWG helps foster an environment where members feel secure in sharing critical cybersecurity intelligence and best practices, knowing that appropriate legal safeguards are in place.

The Product Working Group (PWG) serves as a collaborative forum for technical experts in product cybersecurity, including cyber intelligence analysts, engineers, project and risk managers, and security architects.

The group is focused on enhancing the security of vehicles and the automotive ecosystem by sharing and analyzing actionable intelligence related to vulnerabilities, emerging research, and both current and future challenges in product cybersecurity. Through its discussions, the PWG fosters collaboration among members to develop innovative solutions to mitigate risks and advance best practices for securing automotive products throughout their lifecycle.

The Auto-ISAC Software Bill of Materials Working Group (SBOMWG) was chartered in 2020 to support the automotive industry's efforts in implementing and operationalizing SBOMs. The group was focused on helping members gain practical experience with SBOMs, ensuring they were equipped to manage the growing complexity of software supply chains and associated cybersecurity risks.

Through collaboration, the working group aimed to standardize best practices for SBOM creation, sharing, and utilization across the automotive sector. The group successfully achieved its goals and was stood down in June 2025.

The Auto-ISAC Third Party Enterprise Cybersecurity Working Group (ECSWG) was established to focus on third-party enterprise risk. This group is dedicated to effectively managing third-party information technology cybersecurity risks, audits, and certifications across the automotive industry.

The ECSWG mission is to standardize a robust cybersecurity framework that enhances the resilience and security of the automotive supply chain ecosystem. The group aims to enable Original Equipment Manufacturers (OEMs) to consistently and effectively evaluate the cybersecurity posture of their suppliers, ensuring that the entire supply chain maintains high standards of cybersecurity.