When
November 2, 2022 11:00 AM EST

Who
Brandon Barry, CEO, Block Harbor Cybersecurity

What
A Global Grassroots Community of 10,000+ Automotive Security Folks: The ASRG”

Description
The Automotive Security Research Group is a non-profit grassroots organization focused on the workforce solving challenges in vehicle cybersecurity. Founded by John Heldreth in Stuttgart, Germany, with the next chapter being founded by Sean McKeever and Brandon Barry in Detroit, Michigan, the ASRG quickly grew to over 40 locations all over the world — from Africa to Australia — with over 12,000 people registering for a local chapter. The ASRG captures the interest of folks that want to discuss their day-to-day challenges in vehicle cybersecurity both with their local community and with the broader, global automotive security community. With an engaged academia community, strong membership, and passionate individuals donating their time to run local chapters, the ASRG is a platform to foster remarkable conversation, including hosting WORLD webinars where experts talk about topics in vehicle cybersecurity on YouTube and hosting the “Secure Our Streets” virtual conference in 2022.

When
October 5, 2022 11:00 AM EST

Who
Kristie Pfosi, Executive Director of Product Security, Aptiv- ETSC Chair

Christine Pelione, Cybersecurity Strategic Risk Manager, GM- ETSC Vice Chair

Tamara Shoemaker, ACT Program Manager, Auto-ISAC- ETSC Staff Lead

What
Auto-ISAC Education and Training Standing Committee (ETSC) 2022 Cybersecurity Awareness Project

Description
Cybersecurity is not a bolt-on solution. Like safety and quality, it needs to be designed from the concept phase and supported through the product’s end of life. In this modern vehicle ecosystem, cybersecurity is everyone’s responsibility. We are all in this together. We are all connected. Join this Community Call session to find out about our TLP White videos and posters the ETSC Awareness Tiger Team as put together for you to use during Cybersecurity month!

When
September 14, 2022 11:00 AM EST

Who
Tim Weisenberger, Program Manager, SAE International

What
SAE EV Charging Public Key Infrastructure Program

Description
EV Charging systems have crucial and growing interface points between the Automotive industry, EV drivers, and the Electric Grid/Energy industry. It is critical that these interfaces be secure and trusted. SAE has gathered global EV Charging Ecosystem members in a Cooperative Research Program, to create a solution by industry for industry. The SAE EV Charging PKI program has designed and is currently testing an inclusive, worldwide EV charging industry PKI platform that is secure, trusted, scalable, interoperable, and extensible. Once complete, the PKI design platform will be migrated to an industry consortium to field an operational industry PKI to strengthen electric vehicle charging system security industry wide.

When
August 3, 2022 11:00 AM EST

Who
Gilad Bandel, Business Development & Marketing, Cymotive

What
Continuous Automated Vulnerability Management for Safer Cars and Regulatory Compliance

Description
Real-time vulnerability monitoring will reduce costs during development by addressing them in their early stages. Tier 1s need to provide evidence of proper vulnerability management to OEMs, who in turn are required to submit for type approval to receive compliance certification as per UNR 155. Once the vehicle is on the road, the vulnerabilities must be continuously monitored with specific mitigation tactics for detected critical risk due to newly disclosed vulnerabilities. After all, it’s in the interest of OEMs to avoid any reputation damages and huge costs associated with cyber incidents. We will discuss how OEMs and Tier 1s should address challenges around vulnerability management and in addition, what are the most effective courses of action for mitigating those challenges.

When
July 6, 2022 11:00 AM EST

Who
Bruce Churchill, Pacific Regional Representative & National Transportation Sector Chief, InfraGard National Members Alliance & Stephanie Scheuermann, Manager- Data Protection Services, Ford Motor Company

What
The FBI’s InfraGard Program

Description
The FBI’s InfraGard Program celebrated the 25th Anniversary of its 1996 beginning in the FBI’s Cleveland Field Office in 2021. Since then, the program has grown to over 75,000 members located in 75 Chapters nationwide. The InfraGard Program is locally/regionally based and covers all 16 of the DHS Critical Infrastructure Sectors. The Program also includes several Cross-Sector Councils and the National Sector Security & Resilience Program. The Program is managed by a national Board of Directors that includes two FBI ex-officio members and is financed through an FBI contract and corporate sponsorships. This presentation will cover InfraGard organization, operations and partnership opportunities.

When
June 1, 2022 11:00 AM EST

Who
François-Frédéric Ozog, Director of Business Development, Linaro

What
Automotive Firmware, Hypervisor and OS Cybersecurity Made Simpler

Description
Cybersecurity is gaining traction in the automotive industry with ISO 21434 and 24089 being released.

Linaro and its members have been working on similar topics in a broader “industrial” context to address diversity of behaviours when it comes to cybersecurity on Arm processors.

Following intense market push, Linaro is about to create an automotive project and we are thus enhancing our cybersecurity approach to simplify the work of the automotive supply chain players in implementing ISO, UN WP.29 and NIST recommendations/requirements/regulations. The scope of this activity is Arm platform firmware, Xen hypervisor and Linux operating system. It is expected that this work will be leveraged by commercial providers to do the same.

The session will present available technologies on Arm platforms and the associated roadmap. In addition, the implementation routes to proper multi-tenancy in automotive will be discussed. A key challenge to solve is to give tenants such as insurance companies assurance that their data or algorithms are confidential and protected against tampering by any actor.

Topics to be covered:

- SecureBoot, MeasuredBoot, 

- Sealed disks (intellectual IP protection and more)

- Firmware and secure firmware OTA with anti-bricking and anti-rollback policies

- Application/container security anchored at hardware root of trust

- Onboarding, provisioning

- Trusted Execution Environments

When
May 4, 2022 11:00 AM EST

Who
Kenneth J. Peterson, CTPRP, Founder and CEO, Churchill & Harriman, Inc.

What
Protecting and Enabling Global Revenue Streams

Description
Problem: There is a particular global confluence of High-Level risks across critical infrastructure that threaten existing and new revenue streams. These risks include those inherent in technical continuity, cyber resilience, and the potential for a ransomware attack. These risks are particularly acute in the relationship between manufacturers and their suppliers. These risks are increasingly manifested globally by two factors: 1) Increased dependence on remote working (usually without a firewall) as a result of COVID 19, and 2) Phishing Attacks and Ransomware. Boards of Directors require IT, and Risk Management executives produce evidence of these risks and the impact of these risks in order to make funding decisions to mitigate these risks and to protect and enable global revenue streams. 

Solution: In this presentation, Kenneth will share proven processes and exercises through which these High-Level risks can be identified, risk-ranked, lessened and presented to The Board in order to protect and enable global revenue streams.