Cybellum and The Automotive Security Research Group performed a joint survey of 50 top Global OEMs and Tier-1-2 automotive suppliers were surveyed to assess their preparedness against vulnerabilities and threats. Given that UNECE WP.29 R155 enforcement is coming in Japan, South Korea and the EU, and ISO/SAE 21434 is now released, 30% of respondents have not started preparing for the cybersecurity requirements and a mere 6% are fully prepared. 2022 is rapidly approaching when automotive cybersecurity changes from a best practice to mandated and enforced.
Not only are automotive players not ready for new regulations, their IT security practices are sorely lacking. The survey uncovered that 63% of respondents haven’t automated any aspect of their vulnerability management process and 43% claim manual processes as the reason behind lengthy security assessments. 42% cite lack of coordination along the supply chain as a major hurdle for timely assessments. For 74%, their attention is going to prioritizing vulnerability management solutions that automate post-production continuous monitoring.
The free report is available for download via the Cybellum website – here.
Original Release: PR Newswire