AUTOMOTIVE INFORMATION SHARING AND ANALYSIS CENTER

An industry-driven community to share and analyze intelligence about emerging cybersecurity risks to the vehicle, and to collectively enhance vehicle cybersecurity capabilities across the global automotive industry, including light- and heavy-duty vehicle OEMs, suppliers and the commercial vehicle sector.

Automotive connectivity

Vehicles are benefiting from a wave of technology innovation, producing transportation that is safer, cleaner and smarter thanks in large part to automotive and information systems that provide more connectivity. The very technology that provides us with these new efficiencies also introduces cyber risk to the vehicle, which is why the industry is proactively addressing this issue as a critical focus.

Security at every stage

Automakers, their suppliers and commercial vehicle companies are committed to strong cybersecurity protections in these systems, and are taking many actions, including implementing security feature sin every stage of the vehicle lifecycle. The Auto-ISAC provides an external resource – an industry-wide forum for companies to collaborate to identify threats sooner, and share solutions to enhance vehicle cybersecurity.

Our History

In 2014, the Auto Alliance, Global Automakers and fourteen automakers joined forces to form the Auto-ISAC, a community to share and analyze intelligence about emerging cybersecurity risks to the vehicle. The organization was officially established in August 2015, and its intelligence sharing platform went live in January 2016. Since then, the Auto-ISAC has broadened its horizons to include a more comprehensive view of the connected vehicle ecosystem. Today, membership includes light- and heavy-duty vehicle OEMs, suppliers and the commercial vehicle sector (e.g. fleets, carriers).

August 2015

Auto Alliance, Global Automakers and 14 OEM’s formed Auto-ISAC as a 501(c)6

January 2016

Launched initial operation capabilities, including intelligence sharing portal

February 2016

Expanded membership to suppliers

July 2016

Conducted vehicle cyber incident response tabletop generating Best Practice strategy

July 2016

Released Best Practice Executive Summary

November 2016

Expanded membership to heavy-duty vehicle OEM’s & suppliers

January 2017

Expanded membership to commercial vehicle carriers and fleets

July 2017

First two Best Practice Guides made available to industry stakeholders via request

December 2017

Inaugural Auto-ISAC Summit in Dearborn, Michigan

February 2018

Released publicly two Best Practices Guides

September 2018

Mark your calendars for the second Auto-ISAC Summit

Intelligence Sharing and Analysis

CONTRIBUTORSINTELLIGENCE RESULTS KEY TAKEAWAY

CONTRIBUTORSINTELLIGENCERESULTS KEY TAKEAWAY

Types of
information

Vulnerabilities
Threat feeds
Research
Best practices
Intelligence
Trends
Forecasts
Data feeds

Auto-ISAC
 Analysis

Validate
Analysis
Impact
assessment
Pattern
identification

Auto-ISAC
 Portal

Intel reports
Trend analysis &
dashboards
Wiki pages

CONTRIBUTORS INTELLIGENCE RESULTS KEY TAKEAWAY

Efficiently identify threats

Supplement internal intelligence with
external sources

Validate risk analysis

Reliable industry-level findings
and best practices

Detect vulnerabilities faster

Cross-industry vulnerability
information sharing

A diversity of information sources is what drives value of our intel sharing and analysis capabilities

CONTRIBUTORS INTELLIGENCE RESULTSKEY TAKEAWAY

< < < SWIPE

Types of
information

Vulnerabilities
Threat feeds
Research
Best practices
Intelligence
Trends
Forecasts
Data feeds

Auto-ISAC
 Analysis

Validate
Analysis
Impact
assessment
Pattern
identification

Auto-ISAC
 Portal

Intel reports
Trend analysis &
dashboards
Wiki pages

< < < SWIPE

Efficiently identify
threats

Supplement internal
intelligence with
external sources

Validate risk
analysis

Reliable industry-level
findings and best
practices

Detect
vulnerabilities
faster

Cross-industry
vulnerability information
sharing

A diversity of information sources is what drives value of our intel sharing and analysis capabilities

Auto-ISAC has global representation from Members headquartered across North America, Europe, and Asia. Our Members represent 99% of all light-duty vehicles on the road in North America and span seven countries on three continents. As a member of the National Council of ISACs, Auto-ISAC also coordinates with 23 other ISACs covering critical infrastructure areas like healthcare and aviation, telecommunications and financial services

Have Something to Share?

Although Auto-ISAC is not a coordinated disclosure or bounty-based organization, anyone can submit information to Auto-ISAC. Automotive cybersecurity researchers, academia and enthusiasts welcome. Tell us a little about yourself and submission topic, and your discovery could end up as part of an Auto-ISAC Intelligence Report.

SHARE INFORMATION