Automotive Cyber Security Management Quick-Check
– Self-Assessment Benchmarking and Roadmap –

Cyber Security has become increasingly a critical aspect of the overall product design and development in various industry branches, especially in the Automotive Sector.

The two new UN Regulations, adopted by UNECE’s World Forum for Harmonization of Vehicle Regulations, require that measures be implemented across 4 distinct disciplines:

●Managing vehicle cyber risks by setting up a Cyber Security Management System (CSMS)

● Securing vehicles by design to mitigate risks along the value chain

● Detecting and responding to security incidents across vehicle fleet

● Providing safe and secure software updates

The regulations will apply to passenger cars, vans, trucks and buses. They will enter into force in January 2021.
In the European Union, the new regulation on cyber security will be mandatory for all new vehicle types fromJuly 2022 and will become mandatory for all new vehicles produced from July 2024.
Our approach is to combine the cross-industry standards, like ISO 27000 series and NIST SP-800 securityframework, with industry-related norms, like ISO/SAE 21434 for automotive.
Cyber Security and Functional Safety have close interfaces and synergies and for this reason we appeal to ourwell-established expertise from the latter in order to leverage combined risk and threat analysis, as well assafe and secure design and architecture.
Generally we can support you in:

● Automotive secure process, management and engineering as per ISO/SAE 21434

● Software safety and security-oriented design review and analysis

● General security governance, support for ISMS and risk assessment methods as required per ISO/IEC 27001

● Setting up, operating or integrating a Cyber Security Management System (CSMS)

● Developing a strategy for a Security Operations Center for Vehicles (VSOC)

● Capacity and Competence Building

Featuring this unique combination of expertise, we offer you a combined approach to tackle the upcoming challenges.

In a first step we agree on topics to assess and provide a cyber security self-assessment which analyse the fundamental requirements in these areas. A report will present the results of the assessment in a general, standardized form.

In an optional second step, based on the results of the first step, we conduct interviews in which we focus on weaknesses, gaps and vulnerabilities in order to define an individual roadmap to cyber security compliance and effectiveness.

The analysis is thematically clustered in the following areas:

1. Information and Know-how Management System (ISMS, ISO 27001, TISAX)

● Security Management Organization, Education and Culture, Information Security Management System, Supply Chain Security, Knowledge Protection

2. Cyber Security Management System (CSMS, VSOC, ISO 21434)

● Cyber Security Management System, Vehicle Security Operations Center

3. Project dependent Cyber Security Management (ISO 21434, ASPICE, ISO 26262)

● Concept phase, Product development, Production, Operation and Maintenance,Supplier Management, Interface to Safety

4. Asset dependent Cyber Security Management (ISO 27002, ISO 62443, ISO 21434)

● Asset identification, Asset Management, Threat scenario identification, Attack path analysis, Attack feasability ranking

Approach:

The cyber security self-assessment starts with an initial conference call where we present the approach.

After your decision on the topics to be assessed we will request an evaluator from your side who answers the questions given in a web-based survey-like way. The results will be handled confidential. As output we will deliver a short benchmarking report containing the results of the analysis. The report will show the status quo on a maturity-scale and will provide standardized suggestions on improvements in addition.

The duration of the process depends on your response time to the survey questions.

Price and Special Offer:

The price of the step-one self-assessment is: 5.900 € excl. VAT

For Automotive Cyber Security Summit attendees the special offer price is: 4.800 € excl. VAT

This special offer is valid until 30th November 2020.

Contact

ClockworkX

Alte Landstrasse 25, 85521 Ottobrunn

(+49) 89 219-64451

info@clockworkx.de

www.clockworkx.de

VICCON GmbH

Ottostr. 1, 76275 Ettlingen

(+49) 7243 719 734

info@viccon.de

www.viccon.de