Since January 1, 2023, automotive cybersecurity solutions from ESCRYPT have been offered under the ETAS brand. Read more.
Compliant cybersecurity management has become a decisive success factor for automotive managers. The UNECE WP.29 cybersecurity regulation 155 and the ISO/SAE 21434 standard mandate vehicle security at type approval and for the entire lifecycle.
Safety and business impacts of cyber risks have never been higher in the automotive industry: With the adoption of automated driving and connected vehicles cybersecurity must be continuously defined, monitored, and improved. Impending automotive-specific regulation make it critical for OEMs and suppliers to set up adequate security management systems on the first attempt and with greatest efficiency.
The ESCRYPT Product Security Organization Framework (PROOF) by ETAS provides a proven methodology to optimize cybersecurity efficiency.
Your PROOF benefits
- Profit from global insights & benchmarks based on our decades of experience in auditing & automotive security engineering
- Our holistic, end-to-end expertise in automotive & enterprise security makes us ideal partners to roll out your CSMS in time and with optimal efficiency
- Our proven approach reliably guides you from the first readiness check to the commissioning and operation of your CSMS
Mastering cybersecurity challenges with PROOF
In cooperation with management consultants KPMG AG, ETAS has developed the Product Security Organization Framework that covers the developments for cybersecurity in the automotive sector in five domains: Cybersecurity management, risk management, concept & development, production & operation and ecosystem.
These domains and their subdomains and activities provide a structured, traceable approach to achieving cybersecurity in accordance with the legal and standard requirements.
Automotive cyber maturity report
ETAS and KPMG in Germany conducted a survey at the beginning of 2021 with a focus on the CSMS programs at manufacturers and suppliers to find out how far the industry is with its CSMS implementations and what the remaining challenges are.
Building on your own strengths
In light of the disruption caused by digitalization, manufacturers and suppliers who are best at identifying and leveraging existing strengths will be the fastest to set up compliant cybersecurity management systems and will achieve the greatest return-on-investment.
The idea of not reinventing the wheel and optimizing cybersecurity efficiency is at the core of PROOF: Benchmarks and targeted CSMS roadmaps increase transparency of potential gaps, hidden strengths, and enable a custom-fit optimal cybersecurity approach.
Watch the webinar recording on the topic How to reach CSMS certification and cybersecurity vehicle type approval.
8-step PROOF implementation roadmap
To find the optimum security approach and to act according to the own company strategy and product roadmap in a holistic manner, our proven methodology for the introduction of a cybersecurity management system analyzes the organization and the product equally, and pursues eight steps. We always start with stock-taking to determine the prerequisites for the implementation of a CSMS. During this process, however, not only the need for action is examined but also existing potential upon which we can build. If the status of all subjects related to cyber security is clear, the best procedural method will be defined. Contact us to find out the best way to introduce a CSMS in your organization.
Cooperation between ETAS & KPMG
As one of the world-leading management consultants, KPMG AG Wirtschaftsprüfungsgesellschaft has special expertise in the development of information security management systems including analysis, planning, conception, implementation and monitoring. ETAS has the required special knowledge in the area of automotive security and a comprehensive portfolio of consultancy, software solutions and services for the protection of vehicles and fleets. ETAS together with KPMG AG their ESCRYPT Product Security Organization Framework, offer an extensive range of instruments for supporting OEMs and suppliers in the efficient implementation of future cybersecurity requirements.