Auto-ISAC 2018 Summit

In the Fast Lane

September 24-26, 2018
Motor City Hotel/Casino, Detroit, MI

All events to be held at the Motor City Casino unless otherwise indicated.

Monday September 24, 2018 

8:30 am – 12:00 pmAuto-ISAC Affiliate Advisory Board (AAB) Meeting (Members only)
12:00 – 1:00 pmAuto-ISAC AAB and BoD Networking Lunch & Presentation (Members only). CTIA's Cyber Certification Plan for IoT Devices
1:00 – 5:00 pmAuto-ISAC Board of Director’s (BoD) Meeting (Members only)
5:00 - 7:00 pm Summit Welcome Reception sponsored by Akamai (All Attendees)
7:00 - 9:00 pm Board of Director’s Dinner sponsored by General Motors (Members Only)

Tuesday September 25, 2018 

7:00 amRegistration Opens
7:00 – 8:00 amBreakfast
8:00 – 8:15 amOfficial Summit Welcome - Mark Chernoby, Chief Technical Compliance Officer, FCA

Cybersecurity Legislative Policy Landscape Quadrant

This quadrant will examine the state of the legislative policy landscape impacting smart, connected and autonomous vehicles, privacy and cybersecurity. Speakers will address regulatory expectations, state, federal and global testing guidelines and restrictions, best practices and a general overview of the direction the industry is headed, including global implications. GDPR launched in May of 2018 and with a few months to observe its impact, legal and privacy specialists will evaluate the impact to the automotive industry and information sharing.

Master of Ceremony: Tom Stricker, Toyota, Auto-ISAC Board Vice-Chair
Summit Task Force: Sean McMorrow, Mazda

8:15 - 9:15 amKeynote Presentations
  • The Hon. Debbie Dingell, U.S. Congresswoman MI 12th District
  • The Hon. Gary Peters, U.S. Senator MI (Video)
  • The Hon. Derek Kan, U.S. Department of Transportation, Under Secretary
9:15 - 10:00 amAutonomous Vehicles (AV) Policy Panel – Ready, Set <Don’t> Drive
  • Sean McMorrow, Mazda, Moderator
  • Tim Johnson, National Highway Traffic Safety Administration
  • David DeVries, Michigan’s Department of Technology Management and Budget (DTMB) and State CIO
  • Dave Schwietert, Auto Alliance
  • Linda Rhodes, Mayer Brown LLP
10:00 - 10:30 am Networking Break Sponsored by Alliance of Automobile Manufacturers
10:30 - 11:15 amPrivacy Panel: Legislative Impact on Information Sharing and Data Analytics
  • Nikole Davenport, Deloitte, Moderator
  • Lauren Smith, Future of Privacy Forum
  • Eric Dakake, AT&T
  • Charles Haake, Association of Global Automakers
  • Bradley Weissenberger, Trillium Secure
11:15 - 12:00 pm4-Dimensional Automotive Cybersecurity Ami Dotan, CEO & Co-Founder & Assaf Harel, Chief Scientist & Co-Founder, Karamba Security
12:00 - 1:00 pmLunch Sponsored by: Ford Motor Company

Vulnerability Management & Incident Response Quadrant

Critical functions of the Auto-ISAC are centered around membership vulnerability management and incident response. Speakers will discuss how Auto-ISAC members share vulnerabilities and respond to an incident while maintaining anonymity and collaborating across the industry. A key aspect is working not only with other members but also key stakeholders, to include partners, government regulatory agencies and law enforcement. This session will dive into the roles and responsibilities across the ecosystem, and how these expectations may differ across stakeholders. Risk management philosophies and approaches, along with an overview of current and in-progress standardization for smart and connected vehicles will be discussed.

Master of Ceremony: Steven Center, American Honda Motor Company, Auto-ISAC Board Secretary
Summit Task Force: Doug Longhitano, American Honda Motor Company

1:00 - 1:30 pmKeynote - Heidi King, NHTSA Deputy Administrator
1:30 - 2:15 pmIncident Response Panel – Who’s on First? 
  • Geoff Wood, Harman, Moderator
  • Robert Kaster, Bosch
  • Ryan Brander, Geotab
  • John Felker, DHS National Cybersecurity and Communications Integration Center (NCCIC)
  • Nick Reddig, GM
2:15 - 3:00 pmHardening Automotive Embedded Devices for Cyber Resiliency Dr. Ang Cui, CEO & Chief Scientist Red Balloon Security
3:00 - 3:30 pm Networking Break Sponsored by Alliance of Automobile Manufacturers
3:30 - 4:00 pmTier 1 Vulnerability Management Through Information Sharing Amy Chu, Sr. Director, Automotive Cybersecurity, Harman
4:00 - 4:45 pmCyber Training & Research Panel - Cyber Talent is the Fuel for Safe Modern Transportation – So Where is the Gas Station
  • Karl Heimer, Heimer & Associates, LLC, Moderator
  • Jeremy Daily, University of Tulsa
  • Dave Schippers, Walsh College
  • Urban Jonson, NMFTA
  • Doug Wylie, SANS
4:45 - 5:00 pm Evening events and day’s summary by Steve Center, American Honda Motor Company, Auto-ISAC Board Secretary
5:00 - 6:00 pmFuture Workforce Demonstration Sponsored by The NEXT Education and GRIDSMART
6:00 - 8:00 pmEvening Reception Sponsored by Blackberry
7:00 - 9:00 pmBoard VIP (Invite Only) Dinner Sponsored by Arxan
9:00 - 11:00 pmAfter Hours Happy Hour Sponsored by Red Balloon Security

DAY TWO: Wednesday September 26, 2018 

7:00 amRegistration Opens
7:30 - 8:30 amBreakfast

Cyber Culture and Building an Organization

The automotive industry has a strong safety culture but historically cybersecurity has not been in our vernacular. The ability to build and staff a cyber organization requires an integrated approach to address both culture and training. Staffing automotive cybersecurity teams is an on-going challenge that affects all members of the Auto-ISAC. Speakers will offer options for filling the pipeline with cybersecurity automotive product engineers. Discussion will include how to build the future workforce that includes programs ranging from high school, college and professional apprenticeship programs. Teaching automotive cybersecurity to product engineers will address building awareness (both internal and external) to better support the culture of cybersecurity in the existing workforce.

Master of Ceremony: Jeff Massimilla, GM, Auto-ISAC Board Chair
Summit Task Force: Brian Murray, ZF

8:30 - 9:00 amKeynote - Dr. David Nicol, Director of the DHS Critical Infrastructure Institute, Director of the University of Illinois Information Trust Institute, and Professor of Electrical and Computer Engineering.
9:00 - 9:45 amCyber Exercise Panel: The Reality Check
  • John Foti, Booz Allen Hamilton, DHS Cyber Storm VI, Moderator
  • Doug Longhitano, Honda
  • Stephanie Beeman, Hyundai
  • Delia Zdrojewski, Ford
  • Rob Heilman, NHTSA
  • Josh Poster, Auto-ISAC
9:45 - 10:15 amExhibitor Networking Break
10:15 - 10:45 amIn The Fast Lane: How we got there – and how we plan to stay there Timo van Roermund, Director Automotive Security, NXP
10:45 - 11:15 amKeynote - Karl Heimer, Senior Cyber Automotive Technical Advisor
11:15 - 12:00 pmLightning Round
  • Apprenti- workforce solution for IT talent, David Palmer, Senior Director for Strategies & Partnerships, Workforce Intelligence Network (WIN)
  • A New Culture in Education, Cyndi Millns, M.Ed., CISSO, Pinckney Cyber Institute
  • 2019 Automotive Cybersecurity Survey by Ponemon, Synopsis, and SAE, Chris Clark, Principal Security Engineer for Strategic Initiatives, Synopsys
12:00 - 1:00 pmLunch

Threat Intelligence Quadrant

Threat intelligence is the in-depth analysis of potential computer and network security threats to an organization. The goal is to get as much information as possible about threats so that a company can act quickly to address them. The term implies anticipating and defending against attacks rather than just reacting with incident management techniques. In the Auto-ISAC model, it acts as an extension of the company and casts a wider net across industry, where collaboration and sharing across automotive members can help one or many member companies. The Auto-ISAC engages product security professionals from across membership to share information on threats and collaborate on mitigation. As attacks become more sophisticated, professionals working to minimize threats must collaborate with each other and partners to build resiliency across the global automotive industry.

Master of Ceremony: Jeff Stewart, AT&T, Auto-ISAC Affiliate Advisor Board Chair
Summit Task Force: Geoff Wood, Harman

1:00 - 1:30 pmKeynote - Bill Evanina, Director, National Counterintelligence and Security Center
1:30 - 1:45 pmKeynote - Shigeru Uehara, Toyota, Chairman, Japan Auto-ISAC
1:45 - 2:15 pmEffective Cybersecurity in a Rapidly Evolving Automotive Landscape – A Tier 1 Perspective Sandip Ranjhan, Senior Vice President, Auto Business Unit, Harman
2:15 - 2:30 pm The Manufacturing Sector-Securing Your Organization Through Partnership Kathleen Nuccetelli, Critical Infrastructure Analyst Sector Outreach and Programs Division, Office of Infrastructure Protection, U.S. Department of Homeland Security
2:30 - 3:00 pmExhibitor Networking Break
3:00 - 3:30 pmThe Semiconductor Industry
What is the Role of Silicon Vendors to help Security Fragmentation Problem?
Jeff Shiner, Director of IoT & Security Solutions Micron Technology
3:45 - 4:00 pmOverview and status of ISO-SAE 21434 - “Road vehicles: Cybersecurity Engineering” Standard John Krzeszewski, Chief Engineer, Cybersecurity Chair, “PG1: Risk Management” in ISO/SAE 21434 Aptiv
4:00 - 4:30 pmClosing Keynote: The Evolving Global Threat Landscape John “Mike” McConnell, Ret. Admiral, Former Director of the National Security Agency (NSA), Former Director of National Intelligence (DNI) and Former Booz Allen Hamilton Senior Executive Advisor
4:30 pmClosing Remarks by Jeff Stewart, AT&T
5:00 - 7:00 pmAnalyst’s Reception Sponsored by IOActive

Thursday, September 27 - Members Only

The Auto-ISAC Analyst’s Working Group Workshop will be held all day on Thursday, September 27th at Motor City and is sponsored by Recorded Future.

A special thanks to Grimm Security for supporting the Summit Task Force and a car hacking seminar for the Auto-ISAC Analyst’s Working Group.

Thank you for your support and participation!

Click the button below to download a printable agenda.