Press & News
Auto-ISAC Partners with NCC Group, Zscaler
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – November 17, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) announces that NCC Group and Zscaler, both leaders in cybersecurity solutions, are new strategic partners who will be engaging with the group’s automotive sector members.
“As pioneers in automotive cyber security, NCC Group is determined to continue playing a role in advancing security and safety in this rapidly evolving sector. Partnerships like this are so important to achieve our vision of creating a more secure digital future, and we are looking forward to supporting Auto-ISAC to help assure the resilience and continuity of the global automotive industry,” said Andy Davis, Global Research Practice Director, NCC Group.
NCC Group provides specialized cyber security services for the transport sector, including aerospace, automotive, rail, and maritime. NCC Group offers extensive automotive experience, insights, and services ranging from bespoke vehicle security testing and regulatory compliance expertise to helping manufacturers manage complex global supply chains and address diverse threats.
“Zscaler’s partner ecosystem includes a network of partners who offer solutions, services, software, and more to make secure digital transformation possible,” said Deepak Patel, Senior Director OT/IoT Security, Zscaler. “We are thrilled to partner with the Auto-ISAC and its members to deliver support on security matters.”
Zscaler extends zero trust security into the automotive and transportation industry and helps accelerate digital transformation for both manufacturers and automakers. A zero-trust architecture helps simplify security and enables new business models for automotive leaders.
“Third-party security organizations are important and valued contributors, and automakers have long engaged these providers to develop vehicle-specific security technologies and practices,” said Faye Francy, Executive Director of the Auto-ISAC. “Zscaler and NCC Group are leaders in cyber security solutions with powerful global capabilities, and as partners they can help us create an even more resilient digital future.”
Since 2015, the Auto-ISAC has operated as a global information-sharing community for vehicle cybersecurity, providing a central hub for sharing, tracking, and analyzing intelligence about emerging automotive cybersecurity risks.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
# # #
About NCC Group
NCC Group is a people-powered, tech-enabled global cyber security and software escrow business. Driven by a collective purpose to create a more secure digital future, approximately 2,000 colleagues across Europe, North America, and Asia Pacific harness their collective insight, intelligence, and innovation to deliver cyber resilience for over 14,000 clients across the public and private sectors. With decades of experience and a rich heritage, NCC Group is committed to developing sustainable solutions that continue to meet clients’ current and future cyber security challenges. For more information visit www.nccgroup.com/uk.
Media Contacts:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
michaelshokouhi@automotiveisac.com
Zscaler
Natalia Wodecki, Sr. Director, Global Integrated Communications & PR
Thomas Farmer Assumes Position as Director of Operations
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – November 13, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) announces that Thomas L. Farmer has been selected as the organization’s first Director of Operations, effective September 30, 2024, to help orchestrate the diverse business functions of the growing and active cybersecurity group.
Farmer brings extensive security knowledge and leadership skills to his new responsibilities. He has more than 20 years’ experience in national transportation security matters, including cybersecurity, and has served as a general manager at a federal government security agency.
Faye Francy, Executive Director, Auto-ISAC, expressed confidence in Farmer saying, “Our organization is dynamic with many moving parts, and Tom brings a strong understanding of how organizations operate and thrive, along with a deep expertise in security. He will play a crucial role in our success by managing daily activities and overseeing essential functions, including membership and partnership, legal, contracting, supplier management, and finance.” In his new position, Farmer will report directly to Francy.
Automakers formed the Auto-ISAC in 2015 to establish a global information-sharing community for vehicle cybersecurity. In the past decade the organization, now comprised of more than 80 members globally, has grown and expanded both its reach and scope of impact. Recently, the group launched its European Union Division and its comprehensive Automotive Cybersecurity Training (ACT) program. Work products include assessments of cybersecurity risk and threats to connected vehicles, Best Practices Guides, the Automotive Threat Matrix, Annual Automotive Threat Assessment, and monthly Community Calls. Auto-ISAC members are actively engaged in an Executive Committee, 14 issue-focused Work Groups, four Standing Committees, and two Affinity Groups.
As Director of Operations, Farmer will ensure that Auto-ISAC’s operations are coordinated, unified, and productive in supporting continuously the accomplishment of a diverse and multi-faceted mission. One key focus will be providing support to the Legal Work Group.
According to Farmer, “I have been privileged to work with this team during much of this year and gain a true appreciation for the knowledge, capabilities, and dedication of the staff. In this new role, my focus is on people, policies, procedures, and productivity – to do all I can to optimize efficiency and effectiveness and deliver positive outcomes across the Auto-ISAC’s mission-essential functions and extensive international scope.”
Previously, Farmer founded Warning Track Consulting and, in that capacity, provided security consulting services to the ISAC for approximately 8 months.
Farmer served 13 years at the Association of American Railroads (AAR) from 2010-2023. As Assistant Vice President of Security at AAR, he was responsible for assuring preparedness for a spectrum of threats, including cyber-attacks and terrorism. In that role, he fostered excellent relationships with the range of federal agencies responsible for security and defense.
As Acting General Manager/Deputy General Manager of the Mass Transit Division at the Transportation Security Administration (TSA) from 2006-2010, he advanced public/private initiatives to share information on threats to mass transit and passenger rail systems across the nation and risk mitigation priorities for prevention and response. Earlier in his tenure with TSA, he served for two years as legislative counsel.
Since 2019, Farmer has been the elected Chair of TSA’s Surface Transportation Security Advisory Committee, the members of which are appointed by the agency’s Administrator, and he will continue to chair this committee while at Auto-ISAC. He also serves in the All Hazards Consortium’s Sensitive Information Sharing Environment that supports emergency preparedness and response – across critical infrastructure sectors and in government. Further, Tom led the Critical Infrastructure Cross-Sector Council as elected Chair during 2013-2018.
Prior to those positions, Farmer served honorably and with distinction in the U.S. Air Force as a Judge Advocate and in the U.S. Army as a tactical intelligence officer.
He earned a Master of Arts in National Security Affairs at the Institute of World Politics in Washington, DC. He was awarded a Juris Doctorate from St. John’s University School of Law and a Bachelor of Arts in Communications from Seton Hall University.
# # #
About Auto-ISAC
The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to address vehicle cybersecurity and operate as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us@autoisac.
Media contact
Michael Shokouhi
michaelshokouhi@automotiveisac.com
News from the Auto-ISAC Cybersecurity 2024 Summit
Attendance, Engagement, Substantive Sessions, and Awards
Washington, DC – November 12, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) reported today that its 8th Annual Summit achieved unprecedented milestones and broke new ground at the event held in October in Detroit.
“Our Summit is the centerpiece of much of what we do at Auto-ISAC. By uniting industry leaders and cybersecurity experts, we foster cooperation and develop solutions that drive automotive innovation securely,” said Kevin Tierney, Chairman, Auto-ISAC, and Chief Cybersecurity Officer at General Motors. “This year, we achieved several milestones for attendance and engagement.”
Auto-ISAC’s Summit grows as the must-attend cybersecurity event for the automotive sector.
The number of Summit registrants reached a record high of 563. This signal event, held annually, is the one US cybersecurity conference where automakers, manufacturers of commercial trucks, and suppliers are broadly represented on stage to share their perspectives. The Summit line-up included speakers from 18 automakers and suppliers, plus more than a dozen leading cybersecurity providers. Attendees included chief information security officers (CISOs), information technology (IT) and operational technology (OT) professionals, cyber threat analysts, researchers, and leaders in the legal, regulatory and policy fields.
The inaugural Auto-ISAC Member of the Year award is given for exceptional leadership in information sharing.
International Motors, LLC* (“International”, previously known as Navistar, Inc.) earned the Member of the Year Information Sharing Excellence Award in recognition of the company’s remarkable efforts supporting the Auto-ISAC’s mission to “collaborate with global members, identify and assess cybersecurity threats, provide best practices to the automotive industry, and ultimately ensure a safer experience for consumers.”
“International joined Auto-ISAC to work collaboratively with organizations across the sector towards the advancement of cybersecurity. In this collaborative effort, we confirmed that collective resilience enhances and motivates the furtherance of our company’s own readiness stance – much to the delight of our customers, dealers, suppliers and employees,” remarked Nicolas Guibert de Bruet, Chief Technical Engineer – Operational Safety and Security, International. “We are honored to receive this award recognizing an outstanding level of engagement and support that made lasting impacts on automotive cybersecurity.”
According to Auto-ISAC, International exemplifies the commitment to proactive engagement and cooperation and consistently demonstrates dedication to the cybersecurity mission in the automotive industry by sharing critical intelligence—whether it’s Indicators of Compromise (IOCs) through Auto-ISAC’s Threat Indicator Report Exchange (TIRE), insightful intelligence reports, Requests for Information (RFIs) on the Reporting Exchange & Discussion (RED) platform, or timely communications that inform awareness and proactive measures to mitigate risk.
Auto-ISAC’s Summit has become an established platform for government policy leaders.
Each year, government policymakers address the conference to share their news and perspectives. 2024 Summit speakers included:
Representative Debbie Dingell (D-MI).
Sophie Shulman, Deputy Administrator, U.S. National Highway Traffic Safety Administration.
Elizabeth Cannon, Executive Director, Office of Information and Communications Technology and Services, U.S. Department of Commerce.
Reuben C. Coleman, Assistant Special Agent in Charge (ASAC), FBI Detroit.
2024 Auto-ISAC Cybersecurity Summit Overview
The Summit advanced the theme of “Revving Up Resilience: Security Meets Innovation” and the agenda covered four fundamental areas: building cyber-ready ecosystems, innovating security, technological horizons, and reimagining cybersecurity practices. Highlights included:
Titanium host, Booz Allen Hamilton, led a panel of auto industry CISOs on securing a software-defined vehicle ecosystem.
John McElroy, host of Autoline, summarized global auto trends that can impact cybersecurity.
Auto-ISAC Work Groups for CISOs, IT/OT, Legal, and Software Bill of Materials presented key findings from their focused efforts to support sustained cybersecurity enhancement.
New developments in the Automotive Cybersecurity Training (ACT) program were reviewed and described, highlighting another key element of industry commitment.
VicOne and Block Harbor named team, “greaterthan”, the winner of the Capture the Flag Challenge that recognizes excellence in cybersecurity.
# # #
About Auto-ISAC
The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to address vehicle cybersecurity and operate as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us@autoisac.
Media contact
Auto-ISAC
Michael Shokouhi
michaelshokouhi@automotiveisac.com
*International Motors, LLC is d/b/a International Motors USA LLC in Illinois, Missouri, New Jersey, Ohio, Texas, and Utah.
Learn What’s New in Auto Cybersecurity at October Summit
Three days of content-rich briefings, new developments and approaches
Washington, DC – October 17, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC), the leading automotive cybersecurity group, announced today the full agenda for its 8th Annual Summit which will showcase automotive executives, cybersecurity experts, and government leaders.
Produced by the Auto-ISAC, the 2024 Annual Cybersecurity Summit will be held in Detroit, MI on October 21-23 at the MGM Grand Detroit. Both digital and in-person participation is available.
The Summit theme is “Revving Up Resilience: Security Meets Innovation.” The event is open to manufacturers of autos and commercial trucks, suppliers, and cybersecurity experts. Attendees include CISOs, IT, OT, analysts, researchers, and leaders in legal, regulatory and policy fields.
“Ground-breaking advancements continually shape automotive cybersecurity. Resilience is an evolutionary process demanding constant adaptation to an ever-changing environment. Our summit provides a quick yet substantive knowledge boost and that is why many attendees participate every year,” said Kevin Tierney, Chairman, Auto-ISAC, and Chief Cybersecurity Officer at General Motors. “This is the one US cybersecurity conference each year where automakers and suppliers are broadly represented on stage to share their perspectives. We actively learn from each other.”
The Summit will be emceed by Auto-ISAC Officers Kevin Tierney, GM; Tim Gieger, Ford; Josh Davis, Toyota; and Stephen Roberts, Honda.
Emily Helmke, Vice President, Global Commercial Markets, Booz Allen, our Titanium sponsor will be opening the Summit proceedings.
The Summit line-up includes speakers from 18 automakers and suppliers, along with more than a dozen leading cybersecurity providers. Government policymakers who will speak include:
Sophie Shulman, Deputy Administrator, National Highway Traffic Safety Administration, on Driving Cyber Resilience: NHTSA's Role in a Secure Automotive Future.
Rep. Debbie Dingell (D-MI) on legislative cybersecurity leadership.
Elizabeth Cannon, Executive Director of the Office of Information and Communications Technology and Services (OICTS), U.S. Department of Commerce, on Securing the Information and Communications Technology and Services Supply Chain: Connected Vehicles.
Reuben C. Coleman, Assistant Special Agent in Charge (ASAC), FBI Detroit, on Building Meaningful Alliances Between FBI and the Automotive Industry.
The Summit agenda covers four themes: building cyber-ready ecosystems, innovating security, technological horizons, and reimagining cybersecurity practices.
Titanium host, Booz Allen Hamilton, will moderate a panel of automotive CISOs on securing a software-defined vehicle ecosystem. Additional Summit sessions include:
· The role of automation and artificial intelligence in threat detection.
· Key findings from the Auto-ISAC Software Bill of Materials (SBOM) Working Group, along with insights from Working Groups for CISOs, IT/OT and Legal.
· Global perspectives and updates on UN Type Approval regulations.
· New developments in the Automotive Cybersecurity Training (ACT) program.
· Plus, sessions on supply chains, zero trust, vehicle Security Operations Centers (vSOCs), threat assessment and risk analysis (TARA) and more.
To conclude the Summit, VicOne and Block Harbor will present the winner of the Capture the Flag Challenge that recognizes excellence in cybersecurity.
The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to address vehicle cybersecurity and operate as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
Media Contact:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
michaelshokouhi@automotiveisac.com
# # #
Dr. Martin Emele Transitions to Full-Time Role as European Director at Auto-ISAC
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – April 9, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) is delighted to announce a significant development in its leadership team. Dr. Martin Emele, formerly the Vice President of Cybersecurity Public Affairs and Governmental Relations at the Bosch Group and serving as the European Director since June 15, 2021, will transfer to Auto-ISAC and assume a full-time position as the European Director at Auto-ISAC Europe, effective July 1, 2024.
Dr. Emele's transition from Bosch to Auto-ISAC marks a pivotal moment in strengthening the organization's European presence and advancing cybersecurity initiatives within the automotive industry. With over 15 years of dedicated experience in automotive cybersecurity, Dr. Emele brings a wealth of knowledge and strategic insight to his new role.
In his new full-time capacity, Dr. Emele will spearhead the establishment and growth of the European Branch of Auto-ISAC. His vision is to foster a collaborative environment where automotive OEMs, suppliers, and other stakeholders work together to address security concerns efficiently. Dr. Emele emphasized the importance of global cooperation in combating cyber threats, stating, "We must unite as a global community to enhance our customers' protection and bolster organizational resilience because attackers don’t stop at borders."
Under Dr. Emele's continued leadership, Auto-ISAC Europe will prioritize acquisition of new European members and building strong partnerships with European cybersecurity companies, industry associations, and government agencies. This includes close collaboration with entities such as the Federal Office for Information Security (BSI), the European Union Agency for Cybersecurity (ENISA), European Automobile Manufacturer Association (ACEA) and the European Association of Automotive Suppliers (CLEPA).
Kevin Tierney, Chairman, Auto-ISAC, and Chief Cybersecurity Officer at General Motors, expressed confidence in Dr. Emele's appointment, stating, "Dr. Emele's transition to a full-time role at Auto-ISAC reflects our commitment to fostering top-tier talent within our organization. His leadership and expertise will be instrumental in driving collaborative efforts to strengthen cybersecurity practices across Europe."
Auto-ISAC reaffirms its commitment to promoting cybersecurity best practices and information sharing globally. Dr. Martin Emele's appointment as European Director heralds a new chapter in Auto-ISAC's journey towards enhancing cybersecurity resilience in the automotive industry.
The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to address vehicle cybersecurity, and operates as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.
Auto-ISAC’s 2024 Europe Cybersecurity Summit is scheduled for June 11-13, 2024, and hosted by BMW in the BMW-Welt in Munich, Germany. To register or become a sponsor of the Summit, please visit 2024 Europe Cybersecurity Summit.
Auto-ISAC’s 8th Annual Cybersecurity Summit is scheduled for October 22-23, 2024, hosted by Booz Allen Hamilton in Detroit, MI and virtually. To register or become a sponsor of the Summit, please visit 2024 Auto-ISAC Cybersecurity Summit.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
Media Contact:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
The Auto-ISAC Launches Automotive Threat Matrix (ATM) Tool to Enhance Vehicle Cybersecurity Governance
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – March 27, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC), renowned for its leadership in automotive cybersecurity information sharing, introduces the Automotive Threat Matrix (ATM). This innovative initiative marks a significant leap forward in bolstering the assessment of automotive threats and risks, as well as the classification and sharing of cyber threat intelligence across the automotive industry.
Crafted by esteemed automotive security subject matter experts from Auto-ISAC's Member and Partner network, the Automotive Threat Matrix (ATM) represents a pioneering effort. Modeled after the acclaimed MITRE ATT&CK™ framework, ATM offers a standardized taxonomy meticulously tailored for automotive-specific adversarial cyber tactics and techniques.
“In the realm of automotive cybersecurity, shared understanding accelerates industry maturation and speed of response to cyber-attacks, both of which are vital to staying ahead of emerging threats," stated Kevin Tierney, Chair, Auto-ISAC, and Chief Cybersecurity Officer at General Motors. "ATM represents a significant advancement in our ongoing mission to enhance automotive cybersecurity governance, providing stakeholders with a standard taxonomy to communicate and act more effectively."
What Can It Do?
Expedited Threat Intelligence: ATM accelerates the categorization of vehicle-specific threat intelligence, facilitating the swift identification of emerging attack techniques targeting vehicles.
Streamlined Governance: ATM enhances all aspects of automotive cybersecurity governance, encompassing threat assessment, intelligence sharing, incident response, compliance reporting, and execution of penetration testing.
Compliance Abstraction: ATM serves as a useful abstraction for compliance reporting, aiding in fulfilling automotive cybersecurity regulatory requirements such as UN Regulation 155 and current as well as future legislative requirements.
Enhanced Threat Detection: ATM, based upon real-world attacker tactics and techniques, can help identify attack paths and inform the design of intrusion detection systems.
ATM is available online at https://atm.automotiveisac.com/
The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to address vehicle cybersecurity, and operates as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.
Auto-ISAC’s 2024 Europe Cybersecurity Summit is scheduled for June 11-13, 2024, hosted by BMW in Munich, Germany. To register or become a sponsor of the Summit, please visit 2024 Europe Cybersecurity Summit.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
Media Contact:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
Dana Joins the Auto-ISAC Membership - Dellfer Becomes Strategic Partner
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – March 19, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes Dana Incorporated as a new member, along with Dellfer as a new strategic partner.
Dana is a leader in the design and manufacture of highly efficient propulsion and energy-management solutions that power vehicles and machines in all mobility markets across the globe.
“The Auto-ISAC is global and covers diverse parts of the automotive sector. We welcome companies like Dana that prioritize innovation and see the value of collaboration. Our community is active, sharing knowledge and approaches that help us enhance vehicle cybersecurity. Dana will add their important perspectives,” said Kevin Tierney, Chair, Auto-ISAC, and Chief Cybersecurity Officer at General Motors.
Dana is shaping sustainable progress through its conventional and clean-energy solutions that support nearly every vehicle manufacturer with drive and motion systems; electrodynamic technologies, including software and controls, along with thermal, sealing, and digital solutions.
“At Dana we take product cybersecurity very seriously and strive to improve our product cybersecurity posture. Auto-ISAC is a great platform for the automotive cybersecurity community to come together and share cybersecurity intelligence and best practices. I believe this will benefit Dana as a Tier 1 supplier, as well as the mobility industry,” said Dr. Di Jin, Dana’s Global Head of Product Cybersecurity.
The Auto-ISAC also announces that Dellfer is joining its Strategic Partner Program, which was established for companies that sell connected vehicle cybersecurity products and services.
Dellfer takes a unique approach to protecting Internet of Things (IoT) devices used in auto components, such as electronics, actuators, and sensors used to gather information and inform decisions and actions.
Dellfer provides software development tools which can automatically examine source or assembly code to discover poor programming, extraneous code, Common Weakness Enumerations (“CWEs”) and Common Vulnerabilities and Exposures (“CVEs”) in code. Dellfer’s toolkit enables an organization to find those flaws and rapidly eliminate them.
James Blaisdell, CEO of Dellfer stated: “The Dellfer team is committed to advancing the cybersecurity landscape for connected vehicles. We are eager to collaborate with Auto-ISAC members to enhance the security of vital open-source software components used within the industry. Our focus is on ensuring the highest standards of cyber safety and resilience. Being part of this initiative allows us to contribute significantly to protecting automakers from evolving cyber threats, and we are proud to support this mission and look forward to making a substantial impact together.”
As a strategic partner, Dellfer intends to work with the Auto-ISAC to identify commonly used open-source software and use its tools to eliminate errors and weaknesses. This clean version of the software will be provided exclusively to members of the Auto-ISAC. Dellfer will also provide two supporting workshops for members.
"Strategic partnerships are integral to the vitality of our Auto-ISAC community, enriching our collective strength through collaborative efforts," remarked Faye Francy, Executive Director of the Auto-ISAC. "Dellfer's commitment to enhancing cybersecurity through innovative approaches aligns seamlessly with our mission. By leveraging their expertise and tailored solutions, our members gain invaluable resources, fortifying our industry against emerging threats."
The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to address vehicle cybersecurity, and operates as a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.
Auto-ISAC’s 2024 Europe Cybersecurity Summit is scheduled for June 11-13, 2024, hosted by BMW in Munich, Germany. To register or become a sponsor of the Summit, please visit 2024 Europe Cybersecurity Summit.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
About Dana Incorporated
Dana is a leader in the design and manufacture of highly efficient propulsion and energy-management solutions that power vehicles and machines in all mobility markets across the globe. The company is shaping sustainable progress through its conventional and clean-energy solutions that support nearly every vehicle manufacturer with drive and motion systems; electrodynamic technologies, including software and controls; and thermal, sealing, and digital solutions.
Based in Maumee, Ohio, USA, the company reported sales of $10.6 billion in 2023 with 42,000 people in 31 countries across six continents. With a history dating to 1904, Dana was named among the "World's Most Ethical Companies" for 2023 and 2024 by Ethisphere and as one of "America's Most Responsible Companies 2023" by Newsweek. The company is driven by a high-performance culture that focuses on valuing others, inspiring innovation, growing responsibly, and winning together, earning it global recognition as a top employer. Learn more at dana.com.
About Dellfer
Dellfer is an IoT cybersecurity software company that empowers device manufacturers to embed protection against unknown threats and thwart intrusions with unmatched visibility, speed, and accuracy. It meets the connected world’s need for a new, holistic cybersecurity approach that can effectively and efficiently harden IoT devices and keep them from becoming vectors for successful attacks.
Media Contacts:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
michaelshokouhi@automotiveisac.com
202-507-6219
Dana Incorporated
Craig Barber
419-887-5166
Dellfer
Shawn Lorenz
415-761-3850
Amazon and PHINIA Join the Auto-ISAC
Advancing Cybersecurity of the Connected Vehicle across the Industry
Washington, DC – March 5, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes Amazon and PHINIA as new members, bringing the total number of members to 77.
Amazon.com, Inc. is an American multinational technology company that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence. Amazon engages with automakers, Tier-1 suppliers, auto-tech start-ups, partners, and industry organizations to help support industry security.
PHINIA Inc. develops fuel systems, electrical systems and aftermarket solutions designed to keep combustion engines operating at peak performance, as cleanly and efficiently as possible, while at the same time investing in future technologies that will unlock the potential of alternative fuels.
“We are proud that leading companies in their fields are joining the Auto-ISAC, where sharing information and proven solutions is an everyday priority. Everyone who joins the Auto-ISAC wants to actively learn from others within our community, where the ability to call global manufacturers and service providers directly to discuss a range of cybersecurity topics benefits the entire automotive industry,” said Kevin Tierney, Chair, Auto-ISAC, and Chief Cybersecurity Officer at General Motors.
“Amazon’s participation in the Auto-ISAC reinforces our commitment to automotive cybersecurity as an essential part of our work with automotive customers across the vehicle journey through research and analytics, customer experiences, innovation, and the development of new features and services, such as securely integrating AI capabilities running in the vehicle and in the cloud,” said Wendy Bauer, Vice President and General Manager of Automotive & Manufacturing at AWS. “As the industry transitions to more software-defined experiences, safety and security is more important than ever. Connecting with automaker and Tier- 1 security experts across the Auto-ISAC community will help us all engage faster, resulting in improvements to standards and practices and ultimately making the vehicle a more secure environment.”
Through its membership, Amazon teams will collaborate with Auto-ISAC members to help remain up to date on automotive vehicle cybersecurity, including potential threats and vulnerabilities, and help shape the industry’s path to a software-defined future. They will also work with Amazon to explore best practices for secure-by-design in-vehicle infotainment solutions that integrate AI and are capable of running in the cloud or at the edge. More broadly, Amazon continues to dive deep with customers and industry partners to build and deliver innovative solutions for the automotive industry.
The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to address vehicle cybersecurity. The Auto-ISAC operates a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.
As resources for its community of cyber professionals, the Auto-ISAC offers educational programs, Best Practices, a monthly community call, an annual Summit in both the United States and Europe, analytic reports and more.
Auto-ISAC’s 2024 Europe Cybersecurity Summit is scheduled for June 11-13, 2024, hosted by BMW in Munich, Germany. To register or become a sponsor of the Summit, please visit 2024 Europe Cybersecurity Summit.
The Auto-ISAC also provides opportunities for different disciplines and function areas to collaborate on shared priorities. The Information Technology (IT) and Operational Technology (OT) Working Group creates a forum for technical experts to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods that build the resiliency of the connected vehicle. Working Groups for CISO Executives and for Analysts address their specific agendas on a bi-weekly basis. And, the Commercial Vehicle Affinity Group, the Supplier Affinity Group, and the Japan Working Group meet monthly.
Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.
About PHINIA
PHINIA is an independent, market-leading, premium solutions and components provider with over 100 years of manufacturing expertise and industry relationships, with a strong brand portfolio that includes DELPHI®, DELCO REMY® and HARTRIDGE®. With 13,200 employees across 44 locations in 20 countries, PHINIA is headquartered in Auburn Hills, Michigan, USA. (DELCO REMY is a registered trademark of General Motors LLC licensed to PHINIA Technologies Inc.)
Media Contacts:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
michaelshokouhi@automotiveisac.com
Amazon
Frank Filiatrault
PR Manager – AWS Automotive & Manufacturing
PHINIA
Jo Donnelly
External Communications Manager, PHINIA
Japanese Auto-ISAC and Auto-ISAC Formalize Agreement to Enhance Vehicle Cybersecurity
Advancing Cybersecurity of the Connected Vehicle Around the World
Washington, DC – January 9, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) and the Japan Automotive ISAC (J-Auto-ISAC) jointly announce a formal collaboration to foster information sharing on automotive vehicle cybersecurity. The two groups will begin coordinating their sharing of sensitive and other information.
“In the world of cybersecurity, we are all stronger together. Widespread automotive industry participation is critical to understanding emerging threats and securing our automotive infrastructure,” said Faye Francy, Executive Director, Auto-ISAC. “The automotive sector was an early industry leader in cybersecurity, and our priority is to continue moving forward, engaging more fully with industry experts and stakeholders everywhere. Today’s announcement is an important advancement in strengthening global ties.”
“In order for automobiles and related services to be used safely and securely in the future, it is essential to strengthen our ability to respond to cybersecurity risks,” said Koji Hirabayashi, Steering Committee Chairman, Japan Automotive ISAC. “Automotive manufacturers, suppliers, and businesses providing related services must build strong cooperative systems with cybersecurity experts and others to consistently implement timely measures. Collaboration is essential for strong cybersecurity.”
On October 17, 2023, the Auto-ISAC and J-Auto-ISAC signed a Memorandum of Understanding that outlines two priorities for working together and coordinating activities and information.
First, the two groups intend to collaborate in cyber education and awareness events, and this effort is already under way. In October, the Auto-ISAC held its seventh annual Cybersecurity Summit, its biggest gathering of the year drawing automotive cyber experts from around the globe. At this event, the Technical Committee Chairman from the J-Auto-ISAC provided an update on its work building a cybersecurity community across Japan and the world to support building even greater resiliency for the automotive industry.
The J-Auto-ISAC and Auto-ISAC also plan to exchange important cybersecurity bulletins and alerts. In addition, members of both groups will meet to share the status of emerging cybersecurity issues of interest on a quarterly basis. One focus of the meetings will be exploring further means of working together sharing information.
Second, Auto-ISAC and J-Auto-ISAC both emphasize how information sharing is critical for the greatest level of security in the automotive industry, so the groups will recognize a common Traffic Light Protocol (TLP) for handling information. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) defines TLP as a set of designations used to ensure that sensitive information is shared with the appropriate audience. While the TLP process has been in use since circa 2000, in 2022 CISA officially adopted the first Standard Definitions and Usage Guidance – Version 2.0. (https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage)
About Auto-ISAC
The membership of the Auto-ISAC, which launched in 2015, represents more than 99 percent of light-duty vehicles on the road in North America, as well as heavy-duty vehicles, commercial fleets, carriers, and suppliers. In October 2022, the Auto-ISAC announced a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create a central European hub for information sharing on motor vehicle cybersecurity. Auto-ISAC’s European office in Stuttgart was established in June of 2021. For more information, visit www.automotiveISAC.com.
About Japan Automotive ISAC
Japan Automotive ISAC (J-Auto-ISAC) formally launched in February 2021. Prior to that, the Japanese Automobile Manufacturers Association (JAMA) established a cybersecurity work group in 2017 for all its members and subsequently began adding supporting stakeholders in collaboration with the Japan Auto Parts Industries Association (JAPIA). Today, the J-Auto-ISAC, which is based in Tokyo, has more than 110 members, including automotive manufacturers, suppliers, and academic members. The mission of the J-Auto-ISAC is to promote information sharing and analysis of cybersecurity risks and strengthen cybersecurity response capabilities so that Japan’s automobiles and related services can be used safely and with peace of mind.
Media Contacts
Auto-ISAC
Michael Shokouhi
Auto-ISAC Business Operations and Communications
1-202-507-6219
MichaelShokouhi@automotiveisac.com
Japan Automotive ISAC
Norio Takagi
Secretary General
Auto-ISAC Europe Cybersecurity Summit: Driving the Future of Connected Security
Advancing Cybersecurity of the Connected Vehicle across the Industry
Sochaux, France – June 9, 2023 - The Automotive Information Sharing and Analysis Center (Auto-ISAC) is proud to announce the inaugural Auto-ISAC Europe Cybersecurity Summit, taking place at The Peugeot Adventure Museum in Sochaux, France from June 13 to June 14. At this event, industry leaders, decision-makers, and experts will explore the ever-evolving landscape of automotive cybersecurity and share perspectives on maintaining a secure and resilient future.
The summit, themed "Future of Connected Security," will feature engaging discussions, thought-provoking panels, and substantive presentations, covering critical topics such as Securing Software Defined Vehicles, The Importance of Collaboration, Risk Management & Compliance, and Maturing Our Industry. Attendees will have the unique opportunity to network, exchange knowledge, and gain valuable insights from renowned experts in the field.
Keynote speakers include OEMs, suppliers, cybersecurity experts, and representatives from governmental organizations, all of whom will share their views on the latest developments in the automotive cybersecurity domain. With a focus on collaboration, innovation, and the implications of upcoming European regulations, this event aims to drive forward our collective efforts enhancing a safe and secure connected vehicle ecosystem.
As part of the summit, panel discussions will delve into key areas, such as the upcoming EU regulations NIS2 and CRA, cybersecurity training and skills activities planned by the European Commission, and the importance of information sharing and reporting within the industry. These discussions will provide a platform for stakeholders to address challenges, explore best practices, and foster collaboration among industry players.
In anticipation of the event, Stellantis, our hosting Titanium sponsor of the event, shares its enthusiasm: “Stellantis with its 14 brands is fully engaged to deploy worldwide organization, processes, and competencies to deliver state of the art solutions in compliance with standards. The active participation in Auto-ISAC is fundamental to exchange and collaborate with all players in Cybersecurity” declares Eric Dequi, Stellantis, Cybersecurity & Compliance Officer for Connected Cars and Auto-ISAC European Steering Committee.
“The automotive sector is an early industry leader in cybersecurity, and our priority is to continue moving forward,” said Dr. Martin Emele, the European Director of Auto-ISAC Europe. "The Auto-ISAC Europe Cybersecurity Summit is a pivotal opportunity for industry leaders to come together and shape the future of connected security. Through collaboration and information sharing, we can continue building an ever more resilient automotive ecosystem.
For more information about the Europe Summit and to secure participation, please visit the official conference webpage at 2023 Europe Summit.
In October 2022, the Auto-ISAC announced a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create the leading automotive information-sharing entity in Europe dedicated to the mission of increasing the cybersecurity resilience of the automotive industry.
The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.
Auto-ISAC’s 2023 Annual Cybersecurity Summit is scheduled for October 17-18, 2023, hosted by Honda in Redondo Beach, CA and virtually. To register or become a sponsor of the Summit, please visit 2023 Auto-ISAC Cybersecurity Summit and follow us @autoisac.
Media Contact:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
202-507-6219
michaelshokouhi@automotiveisac.com