Troy, MI-On Tuesday, July 14 at the 2015 SAE Battelle CyberAuto Challenge automakers announced an added layer of cyber protections by launching an Auto ISAC that will serve as a central hub for intelligence and analysis, providing timely sharing of cyber threat information and potential vulnerabilities in motor vehicle electronics or associated in–vehicle networks.
Remarks from Vice President for Vehicle Safety at the Alliance of Automobile Manufacturers, Rob Strassburger, at the CyberAuto Press Conference Call:
Good afternoon. Thank you for participating today.
I am Robert Strassburger and I am Vice President for Vehicle Safety at the Alliance of Automobile Manufacturers, Inc.
Computer technology has made possible dramatic advancements in auto safety, clean–car technology and fuel economy.
From the first stages of design and development, automakers are working on multiple fronts to assure that cars and trucks are safe and secure.
When it comes to cyber security, sound cyber policy and resiliency is collaborative.
Last July, here at the Cyber Auto Challenge, the Alliance and Global Automakers announced that we had begun work to enhance the industry’s cybersecurity posture by working collaboratively to develop a voluntary Information Sharing and Analysis Center – or ISAC.
We have now completed the specifications for the ISAC needed for the auto sector.
Today, we are announcing an added layer of cyber protections by launching an Auto ISAC that will serve as a central hub for intelligence and analysis, providing timely sharing of cyber threat information and potential vulnerabilities in motor vehicle electronics or associated in–vehicle networks.
We expect the Auto ISAC to begin operations late this year.
At first, automakers from around the world will receive the threat information distributed by the Auto ISAC.
We anticipate that the Auto ISAC will eventually expand to include auto suppliers and, over time, could also include strategic partners, such as telecommunications providers and technology companies.
The Auto ISAC will allow automakers to more effectively counter cyber threats in real time and further enhance the industry’s on–going efforts to safeguard vehicle electronic systems and networks.
Following a competitive bidding process during which multiple bids were received, Booz Allen Hamilton was selected to work with Members from the Alliance and Global Automakers to identify the structure, scope, governance, operating procedures and policies for the Auto ISAC.
Booz Allen Hamilton is a leading technology consulting and engineering firm with deep roots in cyber and national security.
Finally, anticipating that Congress will act on information–sharing measures sometime this summer, Congress can further help boost this industry led endeavor.
Reiterating that sound cyber policy and resiliency is collaborative; we encourage policymakers to include legal protections that facilitate cyber security information sharing.
The establishment of the Auto ISAC complements another joint action by our two associations to help promote the security of vehicle–generated data.
In November 2014, Participating Members of the Alliance and Global Automakers voluntarily adopted Privacy Principles that will govern data retrieved from vehicles.
These principles – the first of their kind in the so-called “Internet of Things” – reflect a major step in protecting personal information .
As automakers prepare for an increasing interconnected future, we have the opportunity to anticipate and prepare for the complexities and challenges that the future may bring.
The Auto ISAC and our data Privacy Principles are the latest examples of the proactive and diverse approaches that automakers are taking to enhance vehicle and data security which remains among the industry’s top priorities.
 NOTE: Companies adopting the principles commit to notifying consumers about the kinds of data that may be collected from vehicles; provide heightened protection for the most sensitive types of consumer information (such as geolocation); and clearly limit the circumstances where information may be shared with government authorities.