Car manufacturers have released a new best practices document designed to improve vehicle cybersecurity in the industry.
The doc was penned by the 15 car-maker members of the Automotive Information Sharing and Analysis Center (Auto-ISAC) and draws on the expert advice of over 50 automotive cybersecurity experts.
It includes advice in seven key topic areas: governance; risk assessment & management; security by design; threat detection and protection; incident response; awareness & training; and collaboration & engagement with third parties.
Auto-ISAC claimed the advice features deep technical expertise and draws on established frameworks such as ISO and NIST, but tailored for the automobile industry.
“Automakers are committed to being proactive and will not wait for cyber threats to materialize into safety risks,” said Auto-ISAC chairman Tom Stricker in a statement.
“The Best Practices initiative represents this commitment to proactive collaboration that our industry made when we stood up the Auto-ISAC last year. I’m proud of the way we have united in our endeavor to minimize the risks our consumers might face from cybersecurity and privacy threats.”
Threat levels in the industry are on the rise, with even the FBI being forced to release cybersecurity advice for car owners recently.
Its tips include ensuring car software is patched and up-to-date, to be cautious when modifying on-board software, and to exercise discretion when connecting third party devices to the vehicle.
According to reports from earlier this month, car thieves in Houston managed to gain access to and drive away Jeep Wranglers and Cherokees by hacking them.
As the industry moves towards driverless cars the threat becomes even greater.
Experts have already warned the UK government to ensure cybersecurity risks are taken into account during the current consultation into self-driving technologies.
The US attorney general’s office has even warned that rogue nation states could remotely hack connected vehicles in assassination attempts.