Improving Connected Vehicle CybersecurityFaye Francy of Auto-ISAC Says Threat Intel Sharing Is Growing
Connected vehicles are rife with cybersecurity risk. But automakers and suppliers are increasingly sharing critical information.
The Automotive Information Sharing and Analysis Center, or Auto-ISAC, has 60 members now, up from 14 original equipment manufacturers when it launched in 2014, says Faye Francy, its executive director. Those organizations share threat intelligence on a platform called Celerium, Francy says.
Auto-ISAC is also addressing the need for better supply chain security. Francy says her organization's Supplier Affinity Group is working on a software bill-of-materials model for the automotive industry. The model will offer a detailed list of what kinds of software a finished application contains, which makes it easier to ensure those components are up to date with patches.
The model "can really help us with known vulnerabilities and managing that risk," Francy says.
In this video interview, Francy discusses:
- How manufacturers and suppliers are exchanging intelligence;
- What supply chain security challenges the auto industry faces;
- How long-term support for connected vehicles is shaping up.
Faye Francy is executive director of Auto-ISAC, a forum for exchanging intelligence about emerging cybersecurity threats. Francy was previously an executive at Boeing, developing cybersecurity strategies for aviation systems while also executive director of Aviation-ISAC.