Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – March  5, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes Amazon and PHINIA as new members, bringing the total number of members to 77.

Amazon.com, Inc. is an American multinational technology company that focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence. Amazon engages with automakers, Tier-1 suppliers, auto-tech start-ups, partners, and industry organizations to help support industry security.

PHINIA Inc. develops fuel systems, electrical systems and aftermarket solutions designed to keep combustion engines operating at peak performance, as cleanly and efficiently as possible, while at the same time investing in future technologies that will unlock the potential of alternative fuels.

“We are proud that leading companies in their fields are joining the Auto-ISAC, where sharing information and proven solutions is an everyday priority. Everyone who joins the Auto-ISAC wants to actively learn from others within our community, where the ability to call global manufacturers and service providers directly to discuss a range of cybersecurity topics benefits the entire automotive industry,” said Kevin Tierney, Chair, Auto-ISAC, and Chief Cybersecurity Officer at General Motors.

“Amazon’s participation in the Auto-ISAC reinforces our commitment to automotive cybersecurity as an essential part of our work with automotive customers across the vehicle journey through research and analytics, customer experiences, innovation, and the development of new features and services, such as securely integrating AI capabilities running in the vehicle and in the cloud,” said Wendy Bauer, Vice President and General Manager of Automotive & Manufacturing at AWS. “As the industry transitions to more software-defined experiences, safety and security is more important than ever. Connecting with automaker and Tier- 1 security experts across the Auto-ISAC community will help us all engage faster, resulting in improvements to standards and practices and ultimately making the vehicle a more secure environment.”

Through its membership, Amazon teams will collaborate with Auto-ISAC members to help remain up to date on automotive vehicle cybersecurity, including potential threats and vulnerabilities, and help shape the industry’s path to a software-defined future. They will also work with Amazon to explore best practices for secure-by-design in-vehicle infotainment solutions that integrate AI and are capable of running in the cloud or at the edge.  More broadly, Amazon continues to dive deep with customers and industry partners to build and deliver innovative solutions for the automotive industry.

The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to address vehicle cybersecurity. The Auto-ISAC operates a central hub for sharing, tracking, and analyzing intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

As resources for its community of cyber professionals, the Auto-ISAC offers educational programs, Best Practices, a monthly community call, an annual Summit in both the United States and Europe, analytic reports and more.

Auto-ISAC’s 2024 Europe Cybersecurity Summit is scheduled for June 11-13, 2024, hosted by BMW in Munich, Germany. To register or become a sponsor of the Summit, please visit 2024 Europe Cybersecurity Summit.    

The Auto-ISAC also provides opportunities for different disciplines and function areas to collaborate on shared priorities. The Information Technology (IT) and Operational Technology (OT) Working Group creates a forum for technical experts to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods that build the resiliency of the connected vehicle.  Working Groups for CISO Executives and for Analysts address their specific agendas on a bi-weekly basis. And, the Commercial Vehicle Affinity Group, the Supplier Affinity Group, and the Japan Working Group meet monthly.

Auto-ISAC members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.   

About PHINIA

PHINIA is an independent, market-leading, premium solutions and components provider with over 100 years of manufacturing expertise and industry relationships, with a strong brand portfolio that includes DELPHI®, DELCO REMY® and HARTRIDGE®. With 13,200 employees across 44 locations in 20 countries, PHINIA is headquartered in Auburn Hills, Michigan, USA. (DELCO REMY is a registered trademark of General Motors LLC licensed to PHINIA Technologies Inc.)

Media Contacts:

Michael Shokouhi

Auto-ISAC Business Operations and Communications

michaelshokouhi@automotiveisac.com

Amazon

Frank Filiatrault

PR Manager – AWS Automotive & Manufacturing

fffiliat@amazon.com

PHINIA

Jo Donnelly

External Communications Manager, PHINIA

jdonnelly@phinia.com                                                  

Advancing Cybersecurity of the Connected Vehicle Around the World

Washington, DC – January 9, 2024 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) and the Japan Automotive ISAC (J-Auto-ISAC) jointly announce a formal collaboration to foster information sharing on automotive vehicle cybersecurity. The two groups will begin coordinating their sharing of sensitive and other information.

 “In the world of cybersecurity, we are all stronger together. Widespread automotive industry participation is critical to understanding emerging threats and securing our automotive infrastructure,” said Faye Francy, Executive Director, Auto-ISAC. “The automotive sector was an early industry leader in cybersecurity, and our priority is to continue moving forward, engaging more fully with industry experts and stakeholders everywhere. Today’s announcement is an important advancement in strengthening global ties.”

“In order for automobiles and related services to be used safely and securely in the future, it is essential to strengthen our ability to respond to cybersecurity risks,” said Koji Hirabayashi, Steering Committee Chairman, Japan Automotive ISAC. “Automotive manufacturers, suppliers, and businesses providing related services must build strong cooperative systems with cybersecurity experts and others to consistently implement timely measures. Collaboration is essential for strong cybersecurity.”

On October 17, 2023, the Auto-ISAC and J-Auto-ISAC signed a Memorandum of Understanding that outlines two priorities for working together and coordinating activities and information.

First, the two groups intend to collaborate in cyber education and awareness events, and this effort is already under way. In October, the Auto-ISAC held its seventh annual Cybersecurity Summit, its biggest gathering of the year drawing automotive cyber experts from around the globe. At this event, the Technical Committee Chairman from the J-Auto-ISAC provided an update on its work building a cybersecurity community across Japan and the world to support building even greater resiliency for the automotive industry.

The J-Auto-ISAC and Auto-ISAC also plan to exchange important cybersecurity bulletins and alerts. In addition, members of both groups will meet to share the status of emerging cybersecurity issues of interest on a quarterly basis. One focus of the meetings will be exploring further means of working together sharing information.

Second, Auto-ISAC and J-Auto-ISAC both emphasize how information sharing is critical for the greatest level of security in the automotive industry, so the groups will recognize a common Traffic Light Protocol (TLP) for handling information. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) defines TLP as a set of designations used to ensure that sensitive information is shared with the appropriate audience. While the TLP process has been in use since circa 2000, in 2022 CISA officially adopted the first Standard Definitions and Usage Guidance – Version 2.0. (https://www.cisa.gov/news-events/news/traffic-light-protocol-tlp-definitions-and-usage)

About Auto-ISAC

The membership of the Auto-ISAC, which launched in 2015, represents more than 99 percent of light-duty vehicles on the road in North America, as well as heavy-duty vehicles, commercial fleets, carriers, and suppliers. In October 2022, the Auto-ISAC announced a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create a central European hub for information sharing on motor vehicle cybersecurity. Auto-ISAC’s European office in Stuttgart was established in June of 2021. For more information, visit www.automotiveISAC.com.

About Japan Automotive ISAC

Japan Automotive ISAC (J-Auto-ISAC) formally launched in February 2021. Prior to that, the Japanese Automobile Manufacturers Association (JAMA) established a cybersecurity work group in 2017 for all its members and subsequently began adding supporting stakeholders in collaboration with the Japan Auto Parts Industries Association (JAPIA). Today, the J-Auto-ISAC, which is based in Tokyo, has more than 110 members, including automotive manufacturers, suppliers, and academic members. The mission of the J-Auto-ISAC is to promote information sharing and analysis of cybersecurity risks and strengthen cybersecurity response capabilities so that Japan’s automobiles and related services can be used safely and with peace of mind.

Media Contacts

Auto-ISAC

Michael Shokouhi

Auto-ISAC Business Operations and Communications

1-202-507-6219

MichaelShokouhi@automotiveisac.com

Japan Automotive ISAC

Norio Takagi

Secretary General

Norio.takagi@j-auto-isac.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Sochaux, France – June 9, 2023 - The Automotive Information Sharing and Analysis Center (Auto-ISAC) is proud to announce the inaugural Auto-ISAC Europe Cybersecurity Summit, taking place at The Peugeot Adventure Museum in Sochaux, France from June 13 to June 14. At this event, industry leaders, decision-makers, and experts will explore the ever-evolving landscape of automotive cybersecurity and share perspectives on maintaining a secure and resilient future.

The summit, themed "Future of Connected Security," will feature engaging discussions, thought-provoking panels, and substantive presentations, covering critical topics such as Securing Software Defined Vehicles, The Importance of Collaboration, Risk Management & Compliance, and Maturing Our Industry. Attendees will have the unique opportunity to network, exchange knowledge, and gain valuable insights from renowned experts in the field.

Keynote speakers include OEMs, suppliers, cybersecurity experts, and representatives from governmental organizations, all of whom will share their views on the latest developments in the automotive cybersecurity domain. With a focus on collaboration, innovation, and the implications of upcoming European regulations, this event aims to drive forward our collective efforts  enhancing a safe and secure connected vehicle ecosystem.

As part of the summit, panel discussions will delve into key areas, such as the upcoming EU regulations NIS2 and CRA, cybersecurity training and skills activities planned by the European Commission, and the importance of information sharing and reporting within the industry. These discussions will provide a platform for stakeholders to address challenges, explore best practices, and foster collaboration among industry players.

In anticipation of the event, Stellantis, our hosting Titanium sponsor of the event, shares its enthusiasm: “Stellantis with its 14 brands is fully engaged to deploy worldwide organization, processes, and competencies to deliver state of the art solutions in compliance with standards. The active participation in Auto-ISAC is fundamental to exchange and collaborate with all players in Cybersecurity” declares Eric Dequi, Stellantis, Cybersecurity & Compliance Officer for Connected Cars and Auto-ISAC European Steering Committee.

“The automotive sector is an early industry leader in cybersecurity, and our priority is to continue moving forward,” said Dr. Martin Emele, the European Director of Auto-ISAC Europe. "The Auto-ISAC Europe Cybersecurity Summit is a pivotal opportunity for industry leaders to come together and shape the future of connected security. Through collaboration and information sharing, we can continue building an ever more resilient automotive ecosystem.  

For more information about the Europe Summit and to secure participation, please visit the official conference webpage at 2023 Europe Summit.

In October 2022, the Auto-ISAC announced a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create the leading automotive information-sharing entity in Europe dedicated to the mission of increasing the cybersecurity resilience of the automotive industry.

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

Auto-ISAC’s 2023 Annual Cybersecurity Summit is scheduled for October 17-18, 2023, hosted by Honda in Redondo Beach, CA and virtually. To register or become a sponsor of the Summit, please visit 2023 Auto-ISAC Cybersecurity Summit and follow us @autoisac.                                                        

Media Contact:
Michael Shokouhi
Auto-ISAC Business Operations and Communications
202-507-6219
michaelshokouhi@automotiveisac.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – March 7, 2023 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes KTM Group and JTEKT North American Corporation as new members.

KTM produces and develops race-ready offroad and street motorcycles. JTEKT is a global leader in engineering and manufacturing automotive systems, bearing solutions, and high-performance machine tools. The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to promote vehicle cybersecurity. 

“The Auto-ISAC is global and covers diverse parts of the automotive sector. We are proud to count KTM and JTEKT as members who prioritize innovation and see the value of collaboration,” said Josh Davis, Chair, Auto-ISAC, and Chief Cybersecurity Officer at Toyota North America. “We have an active community and welcome contributions from JTEKT and KTM as we work to analyze and identify potential threats sooner and share solutions that enhance vehicle cybersecurity.”

“KTM is a highly innovative company, and R&D is a driving force for us – from the racetrack to the street. The result is technology leadership. Connectivity features, human-2-machine and machine-2-machine are increasingly important for our premium brands. We carry out intensive development work in this sector. The opportunity to exchange with industry experts in this field is vital for constant improvement,” said Marcus Steiner, Vice President Information Technology, KTM AG.

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence-sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

As resources for its community of cyber professionals, the Auto-ISAC offers Best Practices, a monthly community call, an annual Summit and more.

In addition, the Auto-ISAC provides opportunities for different disciplines and function areas to collaborate on shared priorities. The IT/OT Working Group creates a forum for Information Technology (IT) and Operational Technology (OT) cybersecurity experts to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods to build the resiliency of the connected vehicle.  Working Groups for CISO Executives and for Analysts address their specific agendas on a bi-weekly basis. And, the Commercial Vehicle Affinity Group, the Supplier Affinity Group, and the Japan Working Group meet monthly.

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.                                                     

#  #  #

About KTM Group

KTM AG, a company of PIERER Mobility, is Europe’s leading powered two-wheeler (PTW) manufacturer. With its KTM, Husqvarna Motorcycles and GASGAS motorcycle brands, it ranks among the European technology and market leaders, particularly in the premium motorcycle segment. In addition to combustion engine vehicles, its product portfolio includes vehicles with innovative electric drives, making KTM AG an industry pioneer in two-wheel e-mobility as well. For more information, visit www.ktm.com or ktmgroup.com/en/company/

About JTEKT

JTEKT North America Corporation, part of JTEKT Corporation, was founded in 2006 through the merger of Koyo Seiko Co., LTD and Toyoda Machine Works, LTD, forming a new global company combining modern technology with a rich heritage of quality. With more than 5000 associates and 23 facilities, including 12 manufacturing sites, 3 Technical Centers, and 5 Distribution Centers, JTEKT North America manufactures a broad range of products such as Automotive and Driveline Systems, Bearings, and high-performance Machine Tools and Mechatronics. For more information, visit https://jtekt-na.com/.

Media Contacts:

Michael Shokouhi
Auto-ISAC Business Operations and Communications
202-507-6219
michaelshokouhi@automotiveisac.com

KTM
Iris PerzHead of Corporate Communications
mediaKTMAG@ktm.com

JTEKT
Tracy FinleyCorporate Communications864-770-2100 ext. 134266
Tracy.Finley@jtekt.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – February  22, 2023 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes thyssenkrupp and Bose Corporation as new members.

Thyssenkrupp is one of the leading steering suppliers in the automotive industry, and Bose Corporation is a global leader in premium audio products. The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to promote vehicle cybersecurity. 

“Thyssenkrupp and Bose are both recognized for their quality products, leadership and innovations, and both companies grew from a foundation of strong research and development with world-class engineering,” said Josh Davis, Chair, Auto-ISAC, and Chief Cybersecurity Officer at Toyota North America. “Bose and thyssenkrupp will be valuable members sharing their expertise.”

Bose created the world’s first factory-installed premium automotive sound systems in the early 1980s. Unlike conventional or aftermarket automotive systems, Bose systems were designed and tuned for a specific automotive vehicle — and changed the industry. Since then, Bose has developed proprietary speaker designs, advanced amplification and signal processing technologies, exclusive analysis and design tools, and technology for controlling the sound environment inside vehicles, all based on a heritage of research and engineering.

Thyssenkrupp's steering business in Hungary is part of thyssenkrupp's global automotive business. The steering subsidiary in Hungary grew from research and development competence and now is a world-class supplier of highly sophisticated technologies that provides a range of automotive benefits. The steering systems developed and produced in Hungary are used in over 100 countries around the world. thyssenkrupp Steering is one of the world's leading suppliers of electric powered steering systems.

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

 Thyssenkrupp is one of the first European companies to join the Auto-ISAC since the cybersecurity group announced its formal collaboration in October 2022 with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA). Working together, these groups intend to create the leading automotive information-sharing entity in Europe dedicated to the mission of increasing the cybersecurity resilience of the automotive industry.

“The physical presence of an Auto-ISAC Office within Europe is indispensable for our collective cybersecurity defence,” said Dr. Martin Emele, European Regional Director, Auto-ISAC. “The automotive sector is an early industry leader in cybersecurity, and our priority is to continue moving forward, engaging with those in the industry, policymakers and stakeholders.”

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.                                                     

About thyssenkrupp Automotive Technology

The Automotive Technology business segment is one of the leading suppliers and engineering partners to the international auto industry. The range of products and services includes high-tech components and systems as well as automation solutions for vehicle construction. The product portfolio includes chassis technologies such as steering and damper systems and the assembly of axle systems as well as engine components for conventional and alternative powertrains. In addition, thyssenkrupp Automotive Technology develops assembly lines for body construction and produces lightweight body parts in volume. The business segment's sales in fiscal year 2021/22 were €4.8 billion.

In Hungary, thyssenkrupp is one of the country's 100 biggest companies with around 2,700 employees. Of greatest international importance and reputation are the company’s three R&D sites where around 1,200 development engineers develop software for current and future steering systems. For more information visit www.thyssenkrupp.hu

About Bose Corporation

Bose is world renowned for its premium audio solutions for the home, on the go, and in the car. Since its founding in 1964 by Dr. Amar Bose, the company has been dedicated to delivering amazing sound experiences through innovation. And its passionate employees — engineers, researchers, music fanatics, and dreamers — have remained committed to the belief that sound is the most powerful force on earth through its ability to transform, transport, and make us feel alive. For nearly 60 years, this belief has driven Bose to create products that have become iconic, changing the way people listen to music. Today, Bose automotive systems are recognized globally as the industry benchmark for performance and customer satisfaction, validated by independent research rating Bose as the top choice among car consumers in multiple global regions. For more information, visit Bose.com.

Media Contacts:

Michael Shokouhi
Auto-ISAC Business Operations and Communications
202-507-6219
michaelshokouhi@automotiveisac.com

thyssenkrupp
Konrad Böcker konrad.boecker@thyssenkrupp.com

Bose Corporation
kevin_doak@bose.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – January 10, 2023 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes e:fs TechHub and Nuspire as new members.

Nuspire is the leading managed security services provider to the automotive and dealer communities, and e:fs TechHub is a strategic innovation firm focused on advancing new mobility. The Auto-ISAC was formed by automakers in August 2015 to establish a global information-sharing community to promote vehicle cybersecurity.

“The Auto-ISAC seeks leaders in global innovation to share their knowledge and experience, and we welcome these new members. Nuspire delivers a software enabled operations platform that provides real-time analytic and actionable intelligence in one view, while e:fs TechHub has deep expertise in assisted and highly automated driving,” said Josh Davis, Chair, Auto-ISAC, and Chief Cybersecurity Officer at Toyota North America. “These innovators will advance our discussions within our membership of 76 suppliers and automakers. And our membership keeps growing.”

“Within the automotive industry, everyone needs to collaborate on cybersecurity to be able to counter attackers in the networked world. This community plays a vital role toward the engineering and developing of secure connected vehicles and we are pleased to be part of it,“ said Sebastian Mauthofer, Chief Product Security Officer (CPSO), e:fs TechHub. “Together with top-class experts and pioneers, we strive to make a contribution to the industry. “

“Nuspire has spent 20-plus years helping automotive manufacturers, suppliers and dealers improve their security programs with best-in-class cybersecurity services. We work to make sure our clients understand the most critical and relevant threats to their business, how to protect themselves and ways to safeguard their organizations from future attacks,” said Lewie Dunsworth, CEO of Nuspire. “We’re honored to join Auto-ISAC to share our industry knowledge, intelligence and expertise to strengthen cybersecurity best practices within the auto industry.”

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

In the past year, the Auto-ISAC expanded its scope to include Information Technology (IT) and Operational Technology (OT) functional areas related to the connected vehicle, with an associated working group. The IT/OT Working Group creates a forum for technical IT and OT cybersecurity experts in the automotive industry to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods to build the resiliency of the connected vehicle. Auto-ISAC has also set up a new group for the CISOs, the CISO Executive Working Group. They are sharing topical information and collaborating to build resiliency across the automotive industry.

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.

About e:fs TechHub GmbH

e:fs TechHub GmbH builds great technologies for a positive future and acts as a strategic development partner and innovative technology provider with a focus on the topics of automated driving, driver assistance systems and chassis. Our unique selling point is the competence for the chain of effects from sensors to actuators. In addition to the automotive industry, we also supply other high-tech sectors such as the space industry. We currently employ over 700 people at our three locations including Gaimersheim, Wolfsburg and Erlangen. For more information, visit www.efs-techhub.com and follow us at LinkedIn @e:fs TechHub GmbH.

About Nuspire

Nuspire is a managed security services provider (MSSP), offering managed security services (MSS), managed detection and response (MDR), endpoint detection and response (EDR) that supports best in breed EDR solutions, and cybersecurity consulting services (CSC) that include incident readiness and response, threat modeling, digital forensics, technology optimization, posture assessments and more. Our self-service, technology-agnostic platform, myNuspire, allows greater visibility into your entire security program. Powered by the self-healing, always-on Nuspire Cyber X Platform (CXP), myNuspire will help CISOs alleviate the pain associated with tech sprawl, provide intelligence-driven recommendations, solve for alert fatigue, and help their clients become more secure over time. Our deep bench of cybersecurity experts, award-winning threat intelligence and three 24×7 security operations centers (SOCs) detect, respond, and remediate advanced cyber threats. Our client base spans thousands of enterprises from midsized to large enterprises across multiple industries and geographic footprints. For more information, visit www.nuspire.com and follow us at LinkedIn @Nuspire.

Media Contacts:

Michael Shokouhi
Auto-ISAC Business Operations and Communications
202-507-6219
michaelshokouhi@automotiveisac.com

e:fs TechHub GmbH
Lisa Cziczek
(Corporate Communications)
lisa.cziczek@efs-techhub.com

Nuspire
Francie Dudrey
Francie.dudrey@nuspire.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – November 1, 2022 – The Automotive Information Sharing and Analysis Center (Auto-ISAC)  announces that Vultara, Inc. is a new strategic partner.

In this role, Vultara will support Auto-ISAC by continuing to develop and maintain the Auto Threat Matrix (ATM). ATM is an open, automotive-focused, threat knowledge base of adversary tactics and techniques, derived from the MITRE ATT&CK framework. ATM will benefit the entire automotive industry in threat modeling, adversary emulation and pen-testing, threat detection and analytics, threat intelligence, and much more.

“Auto-ISAC is the global hub for automotive cybersecurity collaboration, which makes it a perfect host for a knowledge base like ATM,” said Yuanbo Guo, CEO of Vultara. “Vultara is on a mission to promote cybersecurity by design in the automotive industry. We are excited to join the Auto-ISAC community and contribute our share of effort to help the automotive industry design more secure products. This partnership is a first step to materialize the synergy between two organizations with a common mission, starting from ATM.”

The Auto-ISAC was formed in 2015 by automakers to promote collaboration between suppliers, commercial vehicle companies and automobile manufacturers around vehicle cybersecurity issues. It operates as a central hub to share and analyze intelligence about emerging cybersecurity risks.

“As a strategic partner, Vultara will become part of the fabric of the Auto-ISAC community, making the whole stronger by working together,” said Faye Francy, Executive Director of the Auto-ISAC. “Information-sharing is the core of what we do at Auto-ISAC, and our partners learn from our members as our members benefit from their expertise in specialized areas.”

Last year, the Auto-ISAC expanded its scope to include Information Technology (IT) and Operational Technology (OT) functional areas related to the connected vehicle, with an associated working group.  The IT/OT Working Group creates a forum for technical IT and OT cybersecurity experts in the automotive industry to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods to build resiliency of the connected vehicle.  Auto-ISAC has also set up a new group for the CISOs, the CISO Executive Working Group.  They are sharing topical information and collaborating to build resiliency across the automotive industry.

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets and carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.          

Vultara, Inc. is an automotive cybersecurity company based in Troy, Michigan. Founded by automotive engineering veterans and cybersecurity experts, Vultara provides a SaaS Cyber Security Management System (CSMS) covering every phase in cybersecurity engineering, from security concept design to manufacturing and post-production monitoring. Vultara’s risk management platform was developed from the ground up to meet SAE J3061 and then ISO/SAE 21434 standards with cloud-based engineering automation algorithms and ML/AI technologies. Learn more at www.Vultara.com or contact info@Vultara.com.

Media Contact:

Michael Shokouhi, Auto-ISAC Business Operations and Communications

202-507-6219, michaelshokouhi@automotiveisac.com

Vultara, Inc.

info@vultara.com

Advancing Cybersecurity of the Connected Vehicle across the Industry

Washington, DC – October 26, 2022 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) welcomes new members CYMOTIVE and Flex.

The Auto-ISAC announced today that two companies focused on automotive connectivity have joined its membership. The new members are CYMOTIVE Technologies, a leader in smart mobility cyber solutions, and Flex, a global manufacturer serving diverse industries and end markets including automotive and next generation mobility technologies. The Auto-ISAC was formed by automakers in 2015 to establish a global information-sharing community to promote vehicle cybersecurity.

“The automotive cybersecurity community is dedicated to securing future mobility as connectivity expands and the next generation of vehicles take to the road. Both CYMOTIVE and Flex have a strong international presence along with world-class teams of cyber professionals who will be welcomed in Auto-ISAC meetings and discussions,” said Josh Davis, Chair, Auto-ISAC, and Chief Cybersecurity Officer at Toyota North America. “Our community is a forum to share insights and engage in peer-to-peer learning through participation in workshops, simulations and case study reviews.”

“CYMOTIVE welcomes becoming an Auto-ISAC member and sharing knowledge with the community. We look forward to contributing our deep cyber experience from working inside leading car manufacturers. Our pro-active cyber approach throughout the full vehicle lifecycle synchronizes well with Auto-ISAC’s forums and committees around the software-defined connected vehicle,” said Tsafrir Kats, Co-founder and CEO of CYMOTIVE Technologies.

“As vehicles transition to next generation, up-integrated compute platforms with increasing levels of connectivity, it’s critical for companies across the automotive industry to work together to ensure a safe and secure mobility experience, from the vehicle to edge and to cloud. We look forward to working with Auto-ISAC members to address the complexities of cybersecurity in and around software-defined vehicles to accelerate progress in bringing the promise of next-generation mobility into reality,” said Mike Thoeny, President, Automotive Business Group, Flex.

The Auto-ISAC operates as a central hub to share and analyze intelligence about emerging cybersecurity risks. Its secure intelligence sharing portal allows members to anonymously submit and receive information that helps them more effectively respond to cyber threats.

Last year, the Auto-ISAC expanded its scope to include Information Technology (IT) and Operational Technology (OT) functional areas related to the connected vehicle, with an associated working group. The IT/OT Working Group creates a forum for technical IT and OT cybersecurity experts in the automotive industry to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods to build the resiliency of the connected vehicle. Auto-ISAC has also set up a new group for the CISOs, the CISO Executive Working Group. They are sharing topical information and collaborating to build resiliency across the automotive industry.

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.

About CYMOTIVE Technologies

Founded in 2016 by former leaders of Israel’s National Security Agency, CYMOTIVE began as the trusted cyber security partner of the Volkswagen Group. Since then, the company has extended its reach to deliver pre-emptive, automotive cybersecurity solutions to all car manufacturers, top tier suppliers and smart cities. CYMOTIVE’s customers benefit from a full lifecycle platform of trusted security solutions spanning vehicles’ design, development and post-production stages. With teams working from Israel, Germany, Sweden, Italy and the US, CYMOTIVE offers innovative products providing automated vulnerability management, regulation compliance, intrusion detection & response, and security testing. Empowered by deep expertise in strategy and regulatory compliance planning, security engineering, risk analysis, security architecture, penetration testing, and VSOC services, CYMOTIVE secures industry players for the digitally-transformed mobility eco-system. For more information visit www.cymotive.com.

About Flex

Flex (Reg. No. 199002645H) is the manufacturing partner of choice that helps a diverse customer base design and build products that improve the world. Through the collective strength of a global workforce across 30 countries and responsible, sustainable operations, Flex delivers technology innovation, supply chain, and manufacturing solutions to diverse industries and end markets.

Advancing Cybersecurity of the Connected Vehicle Around the World

Brussels, Belgium – October 12, 2022 – The Automotive Information Sharing and Analysis Center (Auto-ISAC) announces a formal collaboration with the European Automobile Manufacturers’ Association (ACEA) and the European Association of Automotive Suppliers (CLEPA) to create a central European hub for information sharing on motor vehicle cybersecurity.

 “The physical presence of an Auto-ISAC Office within Europe is indispensable for our collective cybersecurity defence,” said Dr. Martin Emele, European Regional Director, Auto-ISAC. “The automotive sector is an early industry leader in cybersecurity, and our priority is to continue moving forward, engaging with those in the industry, policymakers and stakeholders.”

 The Auto-ISAC launched in 2015, and in June 2021 appointed Dr. Martin Emele as European Director to establish a presence in Europe by shepherding close coordination and alignment with European-based Auto-ISAC members, potential new members and key partners within Europe.

“The automobile industry is one of the primary cutting-edge industries in Europe, with automakers leading the way towards a new generation of mobility that is ever more sustainable, safe, and smart. Through the European Auto-ISAC, we will push ahead with our digital transformation while working to protect the security of connected vehicles,” said Sigrid de Vries, ACEA Director General.

 “For European suppliers, this agreement provides a roadmap for working together and coordinating activities and information flow between the Auto-ISAC based in North America, as well as other future regional offices. We are all stronger when we share potential cyber threats and the means to prevent and respond to them,” said Benjamin Krieger, CLEPA Secretary General.

 Under the agreement, a formal European office will be incorporated as a legal entity in an EU member state, with a Steering Committee formed that is composed of an equal number of representatives from Original Equipment Manufacturers (OEMs) and suppliers.

 ACEA and CLEPA intend to provide support to Auto-ISAC in establishing its European presence and partnering with the European Union Agency for Cybersecurity (ENISA), to actively encourage its members and stakeholders to participate in the European Office and to promote the Auto-ISAC as the leading automotive information-sharing entity in Europe dedicated to the mission of increasing the cybersecurity resilience of the automotive industry through sharing and analysis of cybersecurity intelligence.

 The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets, carriers, and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.                                                       

About ACEA

The European Automobile Manufacturers’ Association (ACEA) represents the 16 major Europe-based car, van, truck and bus makers: BMW Group, DAF Trucks, Daimler Truck, Ferrari, Ford of Europe, Honda Motor Europe, Hyundai Motor Europe, Iveco Group, Jaguar Land Rover, Mercedes-Benz, Renault Group, Stellantis, Toyota Motor Europe, Volkswagen Group, Volvo Cars, and Volvo Group. Visit www.acea.auto for more information.

 About CLEPA

CLEPA represents over 3,000 companies supplying state-of-the-art components and innovative technology for safe, smart and sustainable mobility, investing over €30 billion yearly in research and development. Automotive suppliers directly employ about 1.7 million people in Europe. Visit www.CLEPA.eu  for information.

Media Contacts

Auto-ISAC
Michael ShokouhiAuto-ISAC Business Operations and Communications
1-202-507-6219
MichaelShokouhi@automotiveisac.com

ACEA
Cara McLaughlinCommunications Director+32 485 88 66 47
cm@acea.auto

CLEPA
Filipa Rio
Head of Strategic Communications
+32 478 97 0007
f.rio@clepa.be

Advancing Cybersecurity of the Connected Vehicle across the Industry

 Washington, DC – July 27, 2022 – The Automotive Information Sharing and Analysis Center (Auto-ISAC)  gains two new strategic partners, itemis and Trustonic.

The partnership with itemis will provide support from the Auto-ISAC to help develop the projects “Community -based Threat Catalog” and “OPENXSAM”.  The former is an open-source, community-driven threat catalog for the automotive cyber community. The general concept is to develop a trusted and maintained source of potential threats for automotive cyber professionals.  The latter is an open, xml-based format for the exchange of security-risk information between tools, processes, and organizations. 

“itemis is truly honored to join the Auto-ISAC community.  We are excited to engage with industry to advance both the “Community-based Threat Catalog” and the “OPENXSAM” initiatives,” said Jonathan Mohring, President itemis Inc.  “By combining the industry insights of leading automotive companies within the Auto-ISAC together with the community-based inputs from the Automotive Security Research Group (ASRG), we look to advance the level of automation related to automotive threat analysis and risk assessments (TARA). itemis is focused on continuing to provide the most-advanced tooling for TARAs within the automotive industry.  The collaboration with the Auto-ISAC will help us to shape our roadmap to ensure the future needs of the automotive industry are being met and exceeded.” 

The partnership with Trustonic will support Auto-ISAC membership in building awareness of Trusted Execution Environments (TEE) and how they can be used to enhance in-vehicle protection within the automotive industry.  Trustonic will develop a training package to introduce members to the TEE and their applicability for the automotive sector. 

“The Auto-ISAC sets the benchmark in the automotive industry for sharing threat intelligence and cyber security best practices.  For Trustonic to join this community is a true honor.  We look forward to enriching the valuable work the Auto-ISAC is doing, " said Andrew Till, Trustonic's Secure Platform General Manager.  “Here at Trustonic, we focus on providing the most advanced Secure OS solutions.  We enable the entire ecosystem to develop next-generation cyber resilient platforms across all vehicle domains.  By working with the Auto-ISAC we will be able to leverage the learnings and insights to help shape our future roadmaps to meet the needs of the industry continually”.  

The Auto-ISAC was formed in 2015 by automakers to promote collaboration between suppliers, commercial vehicle companies and automobile manufacturers around vehicle cybersecurity issues. It operates as a central hub to share and analyze intelligence about emerging cybersecurity risks.

“Partnering with companies that enhance automotive cybersecurity for the whole of industry, such as itemis and Trustonic, allows the Auto-ISAC and its membership to be directly involved in the scope and outcome of these important projects,” said Faye Francy, Executive Director of the Auto-ISAC. “Strategic partnerships provide invaluable relationships between membership and the greater community that supports the automotive industry.” 

Last year, the Auto-ISAC expanded its scope to include Information Technology (IT) and Operational Technology (OT) functional areas related to the connected vehicle, with an associated working group.  The IT/OT Working Group creates a forum for technical IT and OT cybersecurity experts in the automotive industry to share actionable intelligence regarding cybersecurity challenges, threats, and risk mitigation methods to build resiliency of the connected vehicle.  Auto-ISAC has also set up a new group for the CISOs, the CISO Executive Working Group.  They are sharing topical information and collaborating to build resiliency across the automotive industry.

The Auto-ISAC has global representation. Its members represent more than 99 percent of light-duty vehicles on the road in North America. Members also include heavy-duty vehicles, commercial fleets and carriers and suppliers. For more information, please visit www.automotiveisac.com and follow us @autoisac.                                                        

Auto-ISAC’s 2022 Cybersecurity Summit is scheduled for September 7-8, 2022, hosted by Bosch in Detroit, MI and virtually. To register or become a sponsor of the Summit, please visit 2022 Auto-ISAC Cybersecurity Summit, and follow us @autoisac.                                                        

About itemis

itemis is a multi-award winning IoT software and IT consulting company from Germany. As a hidden champion, itemis provides the market-leading, model-based cyber security solution for performing automotive threat assessments and risk analyses (TARA) known as Security Analyst. itemis was founded 2003 in Luenen, Germany and has deep expertise in model-based tooling and embedded systems engineering. Major automotive OEMs and Tier 1 suppliers within the automotive industry rely on itemis for its exceptional software products and IT-related services.  itemis has locations around the world including in the USA, in Chicago, IL. 

About Trustonic 

Trustonic powers trust in technology by embedding security into smart devices and connected cars, for businesses to innovate and embrace new opportunities with peace of mind. Using best-in-class hardware level security coupled with software app protection, Trustonic secures revenue, powers innovation and ensures reliability. 

Based in Cambridge, UK, Trustonic was initially created from a joint venture between ARM, Thales and G&D. Today, it counts the world’s leading car manufacturers, financial institutions, and mobile operators as customers, as well as every tier one Android handset manufacturer. 

Media Contacts:

Michael Shokouhi

Auto-ISAC Business Operations and Communications

202-507-6219

michaelshokouhi@automotiveisac.com

Florian Marte

Head of Marketing, itemis AG

+49 (0)170 45 11197

fmarte@itemis.com

Trustonic

info@trustonic.com

---