Strategic Partnership Programs
For-profit companies that sell cybersecurity-related connected vehicle products & services (e.g. Hacker ONE, SANS, IOActive). Innovator
- Paid Partnership
- • Annual investment and agreement
- • Specific Commitment to engage with ISAC
- • In-kind contributions allowed
Industry associations and others who want to support and invest in the Auto-ISAC activities (e.g. Auto Alliance, Global Auto, ATA). Navigator
- Support Partnership
- • Provides guidance and support
- • Annual definition of activity commitments and expected outcomes
- • Provides guidance on key topics/activities
Government, academia, research, non-profit orgs with complementary missions to Auto-ISAC (e.g. NCI, A-AISAC, DHS, NHTSA). Collaborator
- Coordination Partnership
- • "See something, say something"
- • May not require a formal agreement
- • Information exchanges and coordination activities
Companies interested in engaging the automotive ecosystem and supporting - educating the community (e.g. Summit sponsorship – key events). Benefactor
- Sponsorship Partnership
- • Participate in monthly community calls
- • Sponsor Summit
- • Network with Auto Community
- • Webinar/Events
ATA Cywatch Program
Fleet CyWatch is an ATA Technology & Maintenance Council (TMC) and Transportation Security Council (TSC) supported program that assists fleets members in reporting information about trucking related internet crimes and cyber-attacks, and shares information to fleets about cyber threats that may impact their operations. Fleet CyWatch coordinates with private and federal efforts to provide motor carriers with information and recommendations in the areas of cybersecurity awareness, prevention, and mitigation methods. The Program connects industry, federal enforcement, and associations and trade groups specialized in cybersecurity to improve U.S. road transport safety.
NMFTA Heavy Vehicle Cyber Security Program
NMFTA member motor carriers perform a vital service to our nation's economy by delivering the goods necessary to keep commerce flowing. NMFTA represents over 500 carriers who collectively operate close to 200,000 power units generating approximately $100 billion in freight revenue. To do so, they operate a diverse fleet of vehicles, including heavy vehicles.
Carrier vehicles tend to be homogenized on a fleet basis and are typically more connected than passenger automobiles. Heavy vehicles are designed and built with both OEM factory equipped as well as aftermarket telematics units. Using common communication interoperability standard SAE J1939, OEMs are able to offer vehicles in different configurations using parts such as brakes, transmissions, and engines outsourced from 3rd parties which increases supply chain cybersecurity risk. Additionally, the extensive impact of transportation disruptions create particular concern regarding potential outages. These characteristics make the heavy vehicle cybersecurity risk profile substantially different than passenger automobiles.
National Council of ISACs (NCI)
Information Sharing and Analysis Centers — ISACs — help critical infrastructure owners and operators protect their facilities, personnel and customers from cyber and physical security threats and other hazards. ISACs reach deep into their sectors, communicating critical information far and wide and maintaining sector-wide situational awareness. ISACs collect, analyze and disseminate actionable threat information to their members and provide members with tools to mitigate risks and enhance resiliency.
Because critical infrastructure sectors are interdependent, the National Council of ISACs (NCI) has a vital role in facilitating cross-sector coordination among the ISACs, particularly during security incidents and natural disasters. NCI provides a forum for sharing threat and response information and serves as a gateway to the ISACs for federal agencies and other partners. NCI also organizes its own drills and exercises and participates in national exercises. During significant national incidents, NCI is on the National Infrastructure Coordinating Center (NICC) watch floor. NCI members are also present on the National Cybersecurity and Communications Integration Center (NCCIC) watch floor.
Have Something to Share?
Although Auto-ISAC is not a coordinated disclosure or bounty-based organization, anyone can submit information to Auto-ISAC. Automotive cybersecurity researchers, academia and enthusiasts welcome. Tell us a little about yourself and submission topic, and your discovery could end up as part of an Auto-ISAC Intelligence Report.