Department of Homeland Security agrees to share vehicle cyber-threat info

Posted: 26 January 2018 | | No comments yet

An agreement has been signed meaning Auto-ISAC can access cyber-information when a threat is detected, enabling them to protect connected vehicles…

Auto-ISAC to participate in cybersecurity information sharing

The Automotive Information Sharing and Analysis Center (Auto-ISAC) has signed a Cooperative Research and Development Agreement (CRADA) with the US Department of Homeland Security (DHS) to collaborate and improve vehicle cyber-threat information sharing and analysis.

Signing a CRADA with DHS enables private sector companies to participate in the Cyber Information Sharing and Collaboration Program (CISCP), the department’s flagship program for cybersecurity information sharing regarding cyber-threats, incidents and vulnerabilities. 

CISCP partners voluntarily submit observed cyber-threats and information about cyber-incidents and identified vulnerabilities, all done anonymously. Data submitted to CISCP falls under the Protected Critical Infrastructure Information Program and are statutorily exempt from regulatory use or disclosure.

“This relationship with DHS provides our cyber-security experts the opportunity to work with their counterparts in the federal government to increase information sharing and analysis,” said Jeff Massimila, General Motors and Chair of Auto-ISAC’s.

The agreement could enable access to DHS’ National Cybersecurity and Communication Integration Center (NCCIC), a security operations watch centre. The agreement also provides ISAC personnel with eligibility for security clearances to view classified threat information.

Faye Francy, Auto-ISAC Executive Director, said: “As the automotive industry continues to prepare for an increasingly interconnected future, the ability to collaborate with DHS and other private sector companies markedly increases our ability to detect and prevent vehicle cyber-security threats.”

By signing the agreement Auto-ISAC will be able to work alongside the government and other ISAC partners in sharing and analysing data and information; blocking cyber-threats before real damage occurs. There are a number of valuable products available to the partners through the program, including indicator bulletins, analysis reports, priority alerts and recommended practices.

With the future holding many connected vehicles, cyber-security is an essential tool. Through the establishment of Auto-ISAC, there is hub where members can share, track and analyse intelligence regarding potential cyber-threats; tackling today’s cyber-security challenges.