Initiative Launched to Protect Automotive Supply Chain

Initiative Launched to Protect Automotive Supply Chain

A new initiative has been announced by the Automotive Industry Action Group (AIAG) to help automotive suppliers compare their current capabilities to industry best practice.

Developed in partnership with NCQ, the Cyber Safe Bundle includes a one-time virtual audit, along with either a basic or advanced enterprise risk assessment. Together, these resources allow suppliers to evaluate their overall cybersecurity efforts and identify the most critical areas for improvement.

The audit is a remote threat analysis that searches a supplier-provided URL or domain name for known vulnerabilities using a database of more than 53,000 common configuration issues, updated in real time with the latest threats. It then identifies system weaknesses without damaging the resource being checked and provides an automated corrective action plan with practical steps the supplier can take to improve its cybersecurity.

Tanya Bolden, AIAG’s director of supply chain products and services, said: “Cyber-attacks have become so prevalent that larger companies are now spending thousands and sometimes millions of dollars to protect their systems. AIAG feels strongly about the importance of making resources developed by OEMs available to smaller companies in the automotive supply chain – companies that may not have the budget or human resources available to proactively protect themselves from cyber-attack.

“The perception is that only larger companies are targeted for cyber-attack, but the fact is that small and medium-sized companies are particularly vulnerable. A supply chain is only as strong as its weakest partner, which is why cyber-attackers go after companies that may be easier targets.” 

Charles Morrison, NQC managing director, added: “We are very pleased to bring our expertise to this collaboration with AIAG, and we are confident this suite of tools will provide much needed protection to suppliers across the industry.”

Source: Information Security Magazine