Skip to navigation Skip to main content Skip to footer

Automotive Cyber Security Insights from the 8th Annual Auto-ISAC Summit

07 November 2024

By NCC Group

 

NCC Group was the proud executive lunch sponsor during the 8th Annual Auto-ISAC Cybersecurity Summit in Detroit, Michigan—the 'Motor City'. We felt fortunate to have met hundreds of automotive cyber security leaders and professionals from across the world. Putting on one of the auto industry's leading cyber security events, the Auto-ISAC showcased insights from manufacturers, suppliers, thought leaders, lawmakers, practitioners, and other stakeholders to improve cyber security and resilience across the sector.

To keep you on track, we came away with some electrifying insights about the future of automotive cyber security!

What's top of mind for automotive cyber professionals:

  • The automotive industry is in a rapid digital transformation
  • Collaboration is key to strengthening cyber security ecosystems
  • Regulatory changes are reshaping supply chain dynamics
  • AI is emerging as both a defensive tool and a potential challenge

Our lunch on Day 1 of the summit welcomed just over 20 leading cyber and automotive minds to explore the topic of "Streamlining Global Automotive Cyber Security Governance." It was great to convene and discuss how we can make vehicles not just smarter, but also more secure.

We opened with a brief presentation that sparked critical conversations about balancing innovation with rock-solid security. Many in the room commented on the complexity of achieving compliance across regionally dispersed platforms and systems, specifically regarding improving efficiency within a vehicle's secure development lifecycle.

To get a better sense of that discussion, please feel free to view some of the slides highlighting automotive cyber security challenges, innovations, and benefits.

What else is driving automotive cyber security?

Aside from our lunch, there were many additional insights we took away from the presentations we enjoyed:


1. Building cyber-ready ecosystems and collaboration

Government leaders from the National Highway Traffic Safety Administration (NHTSA) made one thing crystal clear: automotive cyber security isn't just a tech issue—it's a national priority. The message to the industry was, "It's not just about protecting vehicles; we're safeguarding consumers and public safety."

Some standout moments on the adjacent theme of 'collaboration' included CISOs from Nissan, Borg Warner, and Denso discussing the massive organizational shifts happening across the industry. The main takeaway was that collaboration is no longer optional—it's essential.


2. Innovation meets security

We got a sneak peek into some game-changing developments, including:

  • A potential Software Bill of Materials (SBOM) from Auto-ISAC (January 2025).
  • Updates on regional cyber security initiatives across the US, Japan, and Europe.
  • New threat analysis tools that are making our defensive strategies smarter.

 

3. Regulatory landscape: Buckle up!

The Executive Director of the Office of Information and Communications Technology and Services (OICTS), the Bureau of Industry and Security (BIS), and the US Department of Commerce released significant news about proposed rules that could dramatically reshape automotive supply chains. What stood out most was a potential restriction on suppliers from certain countries, which could force major strategic recalibrations.


4. The AI factor

Artificial Intelligence was the talk of Motor City—not as a cyber silver bullet but as a complex tool the sector is still learning to wield effectively. While the current applications in automotive cyber security remain largely academic, it's clear that AI will play an increasingly crucial role.

We were particularly inspired by the summit's concluding Capture the Flag Challenge, which showcased the next generation of cyber security talent bringing fresh perspectives to automotive security.

 

Final thoughts at the checkered flag: 

  • Embrace collaboration: Break down silos between IT, operational technology, innovation, safety, and security teams.
  • Stay adaptable: Regulatory and technological landscapes are shifting rapidly.
  • Think holistically: Cyber security is about protecting entire ecosystems, not just individual components.
  • Invest in talent: The future of automotive security depends on nurturing new cyber security leaders.

As pioneers in automotive cyber security, NCC Group is determined to continue our efforts to advance security and safety in this rapidly evolving sector. Gatherings like this are so important to achieve our collective security goals in the current threat landscape.

The automotive sector plays a crucial role in safeguarding mobility, innovation, and public trust. The Auto-ISAC Summit was a powerful reminder that our work is more important than ever.

 


 

NCC Group

NCC Group

NCC Group exists to make the world safer and more secure.

As global experts in cyber security and risk mitigation, NCC Group is trusted by over 14,000 customers worldwide to protect their most critical assets from the ever-changing threat landscape.

Steering the automotive industry in the right direction for decades

We're proud to have an exceptional team of automotive cyber security experts working to make the world a safer and more secure place. Learn more about our services by downloading our automotive services guide or help yourself to a copy of our lunch presentation slides.