Compliant cybersecurity management has become a decisive success factor for automotive managers. The UNECE WP.29 cybersecurity regulation 155 and the ISO/SAE 21434 standard mandate vehicle security at type approval and for the entire lifecycle.
Safety and business impacts of cyber risks have never been higher in the automotive industry: With the adoption of automated driving and connected vehicles cybersecurity must be continuously defined, monitored, and improved. Impending automotive-specific regulation make it critical for OEMs and suppliers to set up adequate security management systems on the first attempt and with greatest efficiency.
The ESCRYPT Product Security Organization Framework (PROOF) by ETAS provides a proven methodology to optimize cybersecurity efficiency.
Your PROOF benefits
- Profit from global insights & benchmarks based on our decades of experience in auditing & automotive security engineering
- Our holistic, end-to-end expertise in automotive & enterprise security makes us ideal partners to roll out your CSMS in time and with optimal efficiency
- Our proven approach reliably guides you from the first readiness check to the commissioning and operation of your CSMS
Automotive Cyber Maturity Report 2024
Learn how to reach the next level of productivity with a robust cybersecurity framework.
Mastering cybersecurity challenges with PROOF
ETAS has developed the Product Security Organization Framework that covers the developments for cybersecurity in the automotive sector in five domains: Cybersecurity management, risk management, concept & development, production & operation and ecosystem.
These domains and their subdomains and activities provide a structured, traceable approach to achieving cybersecurity in accordance with the legal and standard requirements.
PROOF Maturity Model
Measure and improve your cybersecurity management system
The PROOF maturity model helps organization to measure their cyber maturity, implement and improve the cybersecurity management system, reach completeness of all cybersecurity related activities across the entire product lifecycle, and ensure compliance to cybersecurity laws and regulations. The PROOF maturity model is now available for download. The whitepaper describes the model, how to use it, and includes all PROOF 2.6 controls.
Building on your own strengths
In light of the disruption caused by digitalization, manufacturers and suppliers who are best at identifying and leveraging existing strengths will be the fastest to set up compliant cybersecurity management systems and will achieve the greatest return-on-investment.
The idea of not reinventing the wheel and optimizing cybersecurity efficiency is at the core of PROOF: Benchmarks and targeted CSMS roadmaps increase transparency of potential gaps, hidden strengths, and enable a custom-fit optimal cybersecurity approach.
Watch the webinar recording on the topic How to reach CSMS certification and cybersecurity vehicle type approval.
8-step PROOF implementation roadmap
To find the optimum security approach and to act according to the own company strategy and product roadmap in a holistic manner, our proven methodology for the introduction of a cybersecurity management system analyzes the organization and the product equally, and pursues eight steps. We always start with stock-taking to determine the prerequisites for the implementation of a CSMS. During this process, however, not only the need for action is examined but also existing potential upon which we can build. If the status of all subjects related to cyber security is clear, the best procedural method will be defined. Contact us to find out the best way to introduce a CSMS in your organization.
Cooperation between ETAS & KPMG
As one of the world-leading management consultants, KPMG AG Wirtschaftsprüfungsgesellschaft has special expertise in the development of information security management systems including analysis, planning, conception, implementation and monitoring. ETAS has the required special knowledge in the area of automotive security and a comprehensive portfolio of consultancy, software solutions and services for the protection of vehicles and fleets. ETAS together with KPMG AG their ESCRYPT Product Security Organization Framework, offer an extensive range of instruments for supporting OEMs and suppliers in the efficient implementation of future cybersecurity requirements.
