Japanese Auto-ISAC and Auto-ISAC Formalize Agreement to Enhance Vehicle Cybersecurity
Advancing Cybersecurity of the Connected Vehicle Around the World
Washington, DC – January 9, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) and the Japan Automotive ISAC (J-Auto-ISAC) jointly announce a formal collaboration to foster information sharing on automotive vehicle cybersecurity. The two groups will begin coordinating their sharing of sensitive and other information.
“In the world of cybersecurity, we are all stronger together. Widespread automotive industry participation is critical to understanding emerging threats and securing our automotive infrastructure,” said Faye Francy, Executive Director, Auto-ISAC. “The automotive sector was an early industry leader in cybersecurity, and our priority is to continue moving forward, engaging more fully with industry experts and stakeholders everywhere. Today’s announcement is an important advancement in strengthening global ties.”
“In order for automobiles and related services to be used safely and securely in the future, it is essential to strengthen our ability to respond to cybersecurity risks,” said Koji Hirabayashi, Steering Committee Chairman, Japan Automotive ISAC. “Automotive manufacturers, suppliers, and businesses providing related services must build strong cooperative systems with cybersecurity experts and others to consistently implement timely measures. Collaboration is essential for strong cybersecurity.”
On October 17, 2023, the Auto-ISAC and J-Auto-ISAC signed a Memorandum of Understanding that outlines two priorities for working together and coordinating activities and information.
First, the two groups intend to collaborate in cyber education and awareness events, and this effort is already under way. In October, the Auto-ISAC held its seventh annual Cybersecurity Summit, its biggest gathering of the year drawing automotive cyber experts from around the globe. At this event, the Technical Committee Chairman from the J-Auto-ISAC provided an update on its work building a cybersecurity community across Japan and the world to support building even greater resiliency for the automotive industry.
The J-Auto-ISAC and Auto-ISAC also plan to exchange important cybersecurity bulletins and alerts. In addition, members of both groups will meet to share the status of emerging cybersecurity issues of interest on a quarterly basis. One focus of the meetings will be exploring further means of working together sharing information.
Second, Auto-ISAC and J-Auto-ISAC both emphasize how information sharing is critical for the greatest level of security in the automotive industry, so the groups will recognize a common Traffic Light Protocol (TLP) for handling information. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) defines TLP as a set of designations used to ensure that sensitive information is shared with the appropriate audience. While the TLP process has been in use since circa 2000, in 2022 CISA officially adopted the first Standard Definitions and Usage Guidance – Version 2.0. (https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage)
About Auto-ISAC
The membership of the Auto-ISAC, which launched in 2015, represents more than 99 percent of light-duty vehicles on the road in North America, as well as heavy-duty vehicles, commercial fleets, carriers, and suppliers. In October 2022, the Auto-ISAC announced a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create a central European hub for information sharing on motor vehicle cybersecurity. Auto-ISAC’s European office in Stuttgart was established in June of 2021. For more information, visit www.automotiveISAC.com.
About Japan Automotive ISAC
Japan Automotive ISAC (J-Auto-ISAC) formally launched in February 2021. Prior to that, the Japanese Automobile Manufacturers Association (JAMA) established a cybersecurity work group in 2017 for all its members and subsequently began adding supporting stakeholders in collaboration with the Japan Auto Parts Industries Association (JAPIA). Today, the J-Auto-ISAC, which is based in Tokyo, has more than 110 members, including automotive manufacturers, suppliers, and academic members. The mission of the J-Auto-ISAC is to promote information sharing and analysis of cybersecurity risks and strengthen cybersecurity response capabilities so that Japan’s automobiles and related services can be used safely and with peace of mind.
Media Contacts
Auto-ISAC
Michael Shokouhi
Auto-ISAC Business Operations and Communications
1-202-507-6219
MichaelShokouhi@automotiveisac.com
Japan Automotive ISAC
Norio Takagi
Secretary General