NHTSA takes a proactive cyber safety approach
The National Highway Traffic Safety Administration (NHTSA) recently released a set of guidelines aimed at improving vehicle cybersecurity protecting cars from hacking.
Federal regulators put forth the guidelines — [link url=”https://www.nhtsa.gov/About-NHTSA/Press-Releases/nhtsa_cybersecurity_best_practices_10242016″ title=”Cybersecurity Best Practices for Modern Vehicles”] — in an effort to bolster overall cybersecurity in connected vehicles.
“Cybersecurity is a safety issue, and a top priority at the Department. Our intention with today’s guidance is to provide best practices to help protect against breaches and other security failures that can put motor vehicle safety at risk.” — U.S. Transportation Secretary
[link url=”https://www.nhtsa.gov/About-NHTSA/Press-Releases/nhtsa_cybersecurity_best_practices_10242016″ title=”Anthony Foxx”]
Non-binding guidance
The recently published best practices serve as non-binding guidance for the auto industry. Despite the voluntary nature of the guidance, the NHTSA urged main players in the automotive industry to make vehicle cybersecurity an organizational priority.
Organizations can make cybersecurity a priority, the guidelines noted, by:
— Allocating dedicated resources within the organization to various facets of cybersecurity.
— Facilitating seamless and direct communication channels regarding cybersecurity matters.
— Implementing an independent voice for vehicle cybersecurity-related considerations.
Cybersecurity for your car? NHTSA issues first-ever guidelines to protect cars from hacking. https://t.co/NTYg1M6S1Q
— Consumer Reports (@ConsumerReports) October 25, 2016
Layered approach
The 22-page document defines the NHTSA’s “layered approach” to vehicle cybersecurity. In part, this approach works to mitigate damage from a potential cyber attack by following certain rules.
Rules include always following through on core parts of any security strategy — identifying, protecting, detecting, responding and recovering — in order to learn on the fly. Learning on the fly allows for continual strengthening of overall cybersecurity.
Comments are closed.