OUR LIVING, FUNCTION-BASED APPROACHES HELP MANAGE VEHICLE CYBER RISK
Best Practices
Our Objective: The Auto-ISAC aims to showcase the industry's proactive collaboration in safeguarding consumer safety through vehicle cybersecurity.
Our Method: Define best practices for securing the vehicle ecosystem and provide recommendations for implementing the guidelines.
Our Best Practice Guides focus on key cyber functions and standards. Originally developed by a best practice working group, the Guides are designed to assist automotive industry stakeholders with identifying, prioritizing, treating, and monitoring vehicle cybersecurity risks. The Guides provide guidance without being prescriptive or restrictive. These are
Not Required. Organizations have flexibility and capacity to select and voluntarily adopt practices based on their respective risk landscapes and organizational structures.
Aspirational. These practices are forward-looking, and voluntarily implemented over time, as appropriate.
Living. The Auto-ISAC plans to periodically update this Executive Summary and Best Practices content to adapt to the evolving automotive cybersecurity landscape.
History
Auto-ISAC originally released the Best Practice Guides and Executive Summary in July 2016. In 2024, we reviewed the Guides and determined that a more consolidated version of the content (moving from 7 to 5 Guides) would be beneficial for our Members and public at large. The hard work and dedication of several Member volunteers made the updates and improvements possible, ensuring that the project was completed efficiently and to the highest standards. Their commitment was instrumental in achieving this success.
Download the Best Practices Guides
-
Executive Summary
-
Cybersecurity Management and Operations
-
Cybersecurity Awareness and Training
-
Cybersecurity Governance, Risk, and Compliance
-
Third-party Cybersecurity Risk Management
-
Secure Development Lifecycle