CYBERSECURITY IS DYNAMIC SO LEARNING NEVER STOPS IN OUR AUTO COMMUNITY
Community Calls
The Auto-ISAC holds monthly virtual community meetings for members and connected vehicle ecosystem stakeholders to stay informed of Auto-ISAC activities and share information on key vehicle cybersecurity topics.
Contact us to participate in our monthly community calls. The community calls are held on the first Wednesday of each month at 11am EST.
August 2022: Continuous Automated Vulnerability Management for Safer Cars and Regulatory Compliance
When
August 3, 2022 11:00 AM EST
Who
Gilad Bandel, Business Development & Marketing, Cymotive
What
Continuous Automated Vulnerability Management for Safer Cars and Regulatory Compliance
Description
Real-time vulnerability monitoring will reduce costs during development by addressing vulnerabilities in their early stages. Tier 1s need to provide evidence of proper vulnerability management to OEMs, who in turn are required to submit for type approval to receive compliance certification as per UNR 155. Once the vehicle is on the road, the vulnerabilities must be continuously monitored, with specific mitigation tactics for critical risks detected due to newly disclosed vulnerabilities. After all, it’s in the interest of OEMs to avoid the reputational damage and huge costs associated with cyber incidents. We will discuss how OEMs and Tier 1s should address challenges around vulnerability management and what the most effective courses of action are for mitigating those challenges.
July 2022: The FBI’s InfraGard Program
When
July 6, 2022 11:00 AM EST
Who
Bruce Churchill, Pacific Regional Representative & National Transportation Sector Chief, InfraGard National Members Alliance & Stephanie Scheuermann, Manager- Data Protection Services, Ford Motor Company
What
The FBI’s InfraGard Program
Description
In 2021, the FBI’s InfraGard Program celebrated the 25th anniversary of its 1996 beginning in the FBI’s Cleveland Field Office. Since then, the program has grown to over 75,000 members located in 75 Chapters nationwide. The InfraGard Program is locally/regionally based and covers all 16 of the DHS Critical Infrastructure Sectors. The Program also includes several Cross-Sector Councils and the National Sector Security & Resilience Program. The Program is managed by a national Board of Directors that includes two FBI ex-officio members and is financed through an FBI contract and corporate sponsorships. This presentation will cover InfraGard organization, operations and partnership opportunities.
June 2022: Automotive Firmware, Hypervisor and OS Cybersecurity Made Simpler
When
June 1, 2022 11:00 AM EST
Who
François-Frédéric Ozog, Director of Business Development, Linaro
What
Automotive Firmware, Hypervisor and OS Cybersecurity Made Simpler
Description
Cybersecurity is gaining traction in the automotive industry with ISO 21434 and 24089 being released.
Linaro and its members have been working on similar topics in a broader “industrial” context to address diversity of behaviours when it comes to cybersecurity on Arm processors.
Following intense market push, Linaro is about to create an automotive project and we are thus enhancing our cybersecurity approach to simplify the work of the automotive supply chain players in implementing ISO, UN WP.29 and NIST recommendations/requirements/regulations. The scope of this activity is Arm platform firmware, Xen hypervisor and Linux operating system. It is expected that this work will be leveraged by commercial providers to do the same.
The session will present available technologies on Arm platforms and the associated roadmap. In addition, the implementation routes to proper multi-tenancy in automotive will be discussed. A key challenge to solve is to give tenants such as insurance companies assurance that their data or algorithms are confidential and protected against tampering by any actor.
Topics to be covered:
- SecureBoot, MeasuredBoot
- Sealed disks (IP protection and more)
- Firmware and secure firmware OTA with anti-bricking and anti-rollback policies
- Application/container security anchored at hardware root of trust
- Onboarding, provisioning
- Trusted Execution Environments
May 2022: Protecting and Enabling Global Revenue Streams
When
May 4, 2022 11:00 AM EST
Who
Kenneth J. Peterson, CTPRP, Founder and CEO, Churchill & Harriman, Inc.
What
Protecting and Enabling Global Revenue Streams
Description
Problem: There is a particular global confluence of High-Level risks across critical infrastructure that threaten existing and new revenue streams. These risks include those inherent in technical continuity, cyber resilience, and the potential for a ransomware attack. These risks are particularly acute in the relationship between manufacturers and their suppliers. These risks are increasingly manifested globally by two factors: 1) Increased dependence on remote working (usually without a firewall) as a result of COVID-19, and 2) Phishing Attacks and Ransomware. Boards of Directors require that IT and Risk Management executives produce evidence of these risks and the impact of these risks in order to make funding decisions to mitigate these risks and to protect and enable global revenue streams.
Solution: In this presentation, Kenneth will share proven processes and exercises through which these High-Level risks can be identified, risk-ranked, lessened and presented to The Board in order to protect and enable global revenue streams.
April 2022: Public Policy Affecting Automotive Cybersecurity
When
April 6, 2022 11:00 AM EST
Who
Tara Hairston, Senior Director, Technology, Innovation, & Mobility Policy, Alliance for Automotive Innovation
What
Public Policy Affecting Automotive Cybersecurity
Description
Although 2022 is an election year, there continue to be several policy initiatives that impact automotive cybersecurity. Whether traditional issues, such as incident reporting or supply chain risk management, or emerging issues, such as artificial intelligence or regulations of automated technologies, automotive ecosystem partners have plenty to monitor. This briefing will provide a high-level overview of relevant policy issues, how the Alliance for Automotive Innovation engages on said issues, and how the Alliance for Automotive Innovation works to support Auto-ISAC members through its policy work.
March 2022: Become A CyberPatriot Youth Mentor: Validate your Leadership Skills
When
March 2nd, 2022 11:00am
Who
Tamara Shoemaker, Cybersecurity Training Leader, Auto-ISAC
What
Become A CyberPatriot Youth Mentor: Validate your Leadership Skills
Description
Since the 2015 academic year, the regional coalition of schools known as the Midwest Colloquium for Information Systems Security Education (MCISSE) has been dedicated to increasing the number of Middle and High School students who participate in the National CyberPatriot Competition in Michigan by funding and supporting the Michigan CyberPatriot Program. The CyberPatriot program provides hands-on STEM education for students and opens the doors for STEM career pathways. Far too many local School districts and student groups across the country are not yet aware of the program and its advantages.
Join this session to learn how this program works and how you can become a Mentor for this program. Volunteer coaches and mentors are critical for the program’s success. These volunteers don’t have to be cyber experts but should have good technical knowledge. You just need a passion for teaching or mentoring students. MCISSE will show you just how easy it can be to validate your skills and pay it forward.
February 2022: Research into Defending Automobiles Via Intrusion Detection Systems (IDS)
When
February 2nd, 2022 11:00am
Who
Victor Murray, Manager, Cyber-Physical Systems Security, SwRI
What
Research into Defending Automobiles Via Intrusion Detection Systems (IDS)
Description
Modern automotive buses were designed for reliability rather than security. This lack of security means that any node on the bus can transmit a message to any other node and the receiver cannot verify the sender or that the message is unaltered. This presentation will discuss strategies to secure vehicle buses using Intrusion Detection Systems (IDS), with a focus on the Controller Area Network (CAN) bus. An overview of IDS concepts will be reviewed along with SwRI’s specific implementation, challenges that were faced, and the evaluation results. The developed IDS uses digital fingerprinting and application layer detection algorithms to identify anomalies. Bus segmentation is used to isolate agitating nodes and remove anomalous messages.
January 2022: Multi-stakeholder Cyber Crisis Response
When
January 5th, 2022 11:00am
Who
Paul Eisler, Senior Director of Cybersecurity, USTelecom
What
Multi-stakeholder Cyber Crisis Response
Description
In recent years, policymakers throughout the world have recognized the need for multi-stakeholder coordination to address the growing epidemic of cyber-attacks, particularly those that can rise to the level of a “cyber crisis”. Effective strategies and preparedness exercises are essential to responding quickly in serious events, for example when a power plant has stopped working, a financial system has been disrupted, or people lose access to healthcare services.
December 2021 Community Call: Creating a Ransomware Incident Response Network
When
December 1st, 2021 11:00am
Who
Michael Daniel, President and CEO, Cyber Threat Alliance
What
Creating a Ransomware Incident Response Network
Description
Ransomware has evolved from an economic nuisance to a national security and public health and safety threat. However, we are largely fighting blind against this scourge. We lack reliable, representative data about ransomware’s scope, scale, distribution, and frequency. Further, actionable information about ransomware threats does not reach enough people or organizations. The industry-led Ransomware Task Force made several recommendations to address these two problems and one of those could directly involve ISACs. That recommendation calls for establishing a Ransomware Incident Response Network (RIRN), which would collect incident information and share defensive actions to counter specific ransomware threats. This briefing will discuss the ransomware problem, the proposed RIRN as a way to address a key information sharing problem, and the role ISACs can play in making this concept a reality.
November 2021 Community Call: Autonomous Ground Vehicle Security: Transportation Systems Sector
When
November 3rd, 2021 11:00am
Who
Ms. Katherine McClaskey, DHS Program Lead, U.S. Department of Homeland Security (DHS)
What
Autonomous Ground Vehicle Security: Transportation Systems Sector
Description
In 2020, CISA conducted an internal study and developed a report on autonomous vehicles. This report covers the historical trajectory and trends of autonomous surface vehicle systems, examines the shape of near-term adoption, identifies a threat model to understand and mitigate potential vehicle attacks caused by these systems, and presents ideas for efforts to mitigate these threats. In reviewing the report, CISA determined that the early adopters of autonomous ground vehicles in the Transportation Systems Sector (e.g., mass transit, trucking, and last mile delivery services) may benefit from guidance on potential threats and risk mitigation options. As such, CISA developed the Autonomous Ground Vehicle Security Guide: Transportation Systems Sector.
CISA developed the Autonomous Ground Vehicle Security Guide: Transportation Systems Sector based on the internal autonomous vehicles report, open-source research, and coordination with the Transportation Security Administration’s Surface Policy Division and the Department of Transportation’s Office of Intelligence, Security, and Emergency Response. Specifically, CISA developed the product to help Chief Security Officers (CSOs) and Chief Information Security Officers (CISOs) within the sector to understand the risks associated with autonomous ground vehicles and implement strategies that can greatly reduce risk to people and property.
October 2021 Community Call: The National Insurance Crime Bureau: An Overview and Discussion About the State of Vehicle Theft
When
October 6th, 2021 11:00am
Who
Mr. Darrell Russell, Director of Operations-Vehicles, National Insurance Crime Bureau (NICB)
What
The National Insurance Crime Bureau: An Overview and Discussion About the State of Vehicle Theft
Description
The National Insurance Crime Bureau (NICB) is the nation’s premier not-for-profit organization dedicated exclusively to fighting insurance fraud and crime. NICB is supported by more than 1,200 property and casualty insurance companies, rental car companies, self-insured organizations, and strategic partners. The mission of NICB is to be an intelligence-driven and operationally focused organization that leads a united effort of insurers, law enforcement agencies, and representatives of the public to proactively identify, combat, and prevent insurance crime. NICB partners with a variety of strategic partners (including automotive manufacturers) to fight these crimes and in recent years has become keenly aware of security issues associated with automotive electronic control units and the exploitation of these systems.
September 2021 Community Call: Introduction to the Global Cyber Alliance
When
September 1st, 2021 11:00am
Who
Ms. Kayle Giroud, Partnership Associate Director, GCA; Ms. Gill Thomas, Director of Engagement, Capacity & Resilience Program, GCA
What
Introduction to the Global Cyber Alliance
Description
Since 2015, GCA has pursued the mission to secure the Internet and provide tools that are accessible to any Internet user and empower them to take action to be more secure. We achieve this mission through two major programs: the Internet Integrity and the Capacity & Resilience programs. The Internet Integrity program aims at building a secure and trustworthy Internet. During this presentation, Alejandro Fernández-Cernuda, Director of Engagement, Internet Integrity, will detail our vision of a secure Internet and present AIDE, our solution to secure IoT devices even in consumer and small office environments. The Capacity & Resilience program aims at democratizing cybersecurity by providing free and easy-to-use solutions to particularly vulnerable Internet users. One of our major efforts is to help secure SMEs through a free, effective, and user-friendly Toolkit for Small Business. Gill Thomas, Director of Engagement, Capacity & Resilience, will present the Toolkit and our deployment efforts to secure SMEs around the world.
August 2021 Community Call: An Overview of International Standards Related to Cybersecurity
When
August 4th, 2021 11:00am
Who
Suzanne Lightman, Sr. Advisor Information Security, NIST
What
An Overview of International Standards Related to Cybersecurity
Description
The international standards landscape in the vehicle industry has become extremely active, especially in the area of cybersecurity. This presentation will discuss activities in SAE, ISO and UNECE that address road vehicles specifically. The presentation will also cover related work in ISA/IEC on industrial internet of things, as well as touching on NIST work under Executive Order 14028.
July 2021 Community Call: Hacker-Powered Data: The Most Common Security Weaknesses and How to Avoid Them
When
July 7th, 2021 11:00am
Who
Ben Willis, Principal Security Engineer, HackerOne
What
Hacker-Powered Data: The Most Common Security Weaknesses and How to Avoid Them
Description
Vulnerabilities are a fact of life. Today, technology companies, financial institutions and even governments are embracing collaborating with hackers to find vulnerabilities before cyber criminals have a chance to exploit the same bugs for nefarious purposes. In this session, HackerOne will examine the world of hackers, with specific attention to those who hack financial services organizations, and share real-world insights into how to improve relationships with them. Attendees will discover common weaknesses that they won’t find on the OWASP top ten, how attackers could exploit these prevalent vulnerabilities, and the reason for some rising and falling in popularity. Whether you run an active bug bounty program or if your security email address is routed to /dev/null, this session will help attendees shed blind dogma and walk away armed with an analytical approach towards building an effective vulnerability disclosure program that turns security teams into enablement teams.
June 2021 Community Call: SAE EV Charging PKI Project
When
June 2nd, 2021 11:00am
Who
Tim Weisenberger, Project Manager, Emerging Technologies at SAE International
What
SAE EV Charging PKI Project
Description
SAE has gathered industry to design and test an inclusive, worldwide EV charging industry PKI platform that is secure, trusted, scalable, interoperable, and extensible. The project is a joint venture of industry companies in the SAE Cooperative Research Program. It is an industry-led, pre-competitive research project that will strengthen electric vehicle charging system security. Tim will give a detailed briefing on the mission, approach, and current status of this important development effort.
May 2021 Community Call: On the Front Line: Managing 21st Century Cybersecurity Risks
When
May 5th, 2021 11:00am
Who
Norma Krayem, Vice President & Chair, Cybersecurity, Privacy and Digital Innovation, Van Scoyoc Associates
What
On the Front Line: Managing 21st Century Cybersecurity Risks
Description
Whether connected vehicles, traditional intelligent transportation systems (ITS) or autonomous vehicles, tech innovation brings systemic cyber and privacy risks. The U.S., EU and nations around the world are instituting cyber mandates and “standards of care” for those who build, run or operate systems, along with new IoT and IIoT mandates. Cybersecurity has become the top safety risk to the sector as well. The discussion will focus on the nexus of these risks, how the sector should work to address the risks and what the new Biden-Harris Administration and the Cyberspace Solarium Commission may be planning.
April 2021 Community Call: Auto-ISAC and the Dealer Threat Landscape
When
April 7th, 2021 11:00am
Who
Dan Hoban, Exec. VP, Nuspire; Josh Smith, Cyber Threat Analyst, Nuspire
What
Auto-ISAC and the Dealer Threat Landscape
Description
Dealer security is a key component of the security of the automotive sector and will continue to increase in importance. As the automotive industry becomes increasingly digital, the relationship between the dealership, the vehicle, the OEM, and the customer will become more intertwined and “always-on”. During Nuspire’s ISAC Community Call we will dive into the dealer threat landscape. We’ll discuss how it impacts the automotive ecosystem (OEM, Dealer, Vehicle, suppliers, and customers). Nuspire will provide specific threats, attacks, statistics, and recommendations for improvement.
March 2021 Community Call: Addressing Accelerating Supply Chain Risks
When
March 3rd, 2021 11:00am
Who
John Sheehy, SVP, Research and Strategy, IOActive, Inc.
What
Addressing Accelerating Supply Chain Risks
Description
Understand some of the cybersecurity, integrity, and disruption risks increasingly facing supply chains today. Likewise, hear a sound strategy for addressing these risks with currently available tools and where gaps exist in programmatically addressing supply-chain risks. This talk will explore some of the potential cybersecurity and integrity risks associated with the 2020-2021 automotive microchip shortage.
February 2021 Community Call: Crossroads Of Motor Vehicle Data: Digital Forensics And Cyber Threats
When
February 3rd, 2021 11:00am
Who
Christopher Church, Senior Mobile Forensic Specialist, INTERPOL Global Complex for Innovation; Kamel Ghali, Automotive Security Architect, White Motion (Marelli)
What
Crossroads Of Motor Vehicle Data: Digital Forensics And Cyber Threats
Description
As the car becomes more connected and aware of its environment, law enforcement also needs to understand the challenges and issues this will give them. Law enforcement has started to see a vehicle as an accessory in certain crimes and to understand what data a car holds and how they can access it. The evidence gained from a motor vehicle has helped law enforcement understand the back story to a crime. A vehicle’s data has helped trace missing persons, solve murders, shut down criminal gangs transporting drugs and smuggling weapons, and keep vulnerable citizens safe from harm. As law enforcement starts to become aware of the possibilities, so does its responsibility. This presentation will explore the relationship between law enforcement and industry and the crossover of digital forensics to cyber and the associated intertwined landscapes. The presentation will be partly presented by INTERPOL and White Motion, who have seen a growing interest from the community in this area.
January 2021 Community Call: Cybersecurity Information Sharing Success Stories
When
January 6th, 2021 11:00am
Who
David Turetsky, Professor; Brian Nussbaum, Assistant Professor; Unal Tatar, Assistant Professor, Practice at the College of Emergency Preparedness, Homeland Security and Cybersecurity at the University at Albany (SUNY).
What
Cybersecurity Information Sharing Success Stories
Description
Given that the theory of cybersecurity information sharing is well-established, the successes ought to be visible in practice. Funded by the William and Flora Hewlett Foundation, we collected real-world information sharing success stories across different economic sectors through a conference and interviews with ISACs, ISAOs and some of their members. Our prior experience suggested that for some in industry, particularly senior executives who are not cybersecurity experts, the benefits of joining a cybersecurity information sharing organization and being a full participant can seem less clear, or at least less concrete and well-documented, than the costs and potential risks of doing so. Our project was intended in part to address this gap by compiling a set of success stories across different areas of activity to help support those trying to explain and document the advantages of information sharing to colleagues and decision makers. We published a Lawfare article about this work, together with a longer research paper.
Cybersecurity Information Sharing Success Stories – Lawfare (lawfareblog.com)
2019_08_01_Turetsky_Stories For Sharing-Transportation Industry