Gearing towards greater cyber security maturity in the automotive sector, with PROOF by Escrypt
Regulations and standards such as UN R155 and ISO/SAE 21434 have made it mandatory for businesses in the automotive industry to be compliant with cyber security management. Alyne’s GRC Software as a Service, has partnered with an automotive security specialist, ESCRYPT and KPMG to offer joint expertise and technology in developing the Product Security Organisation Framework (PROOF).
PROOF is a centralised framework where organisations can find leading international and regional automotive security regulations and standards. The maturity model offered within PROOF aims to empower automotive firms to perform a comprehensive, transparent risk assessment of their organisation as well as their suppliers and gain a comprehensive overview of their overall risk and compliance maturity
PROOF is a maturity model that can be used to systematically measure and optimise vehicle security and all related processes. It covers cyber security in the automotive sector in five domains:
- Cyber Security Management
- Risk Management
- Concept and Development
- Production and Operation
Read the full Press Release, issued by ESCRYPT GmbH.
PROOF workshop at escar conference (Frankfurt, Germany: 10-11 November)
The automotive industry is moving full speed ahead towards the software defined car. Security is a key discipline in this change: Manufacturers and suppliers with a high cyber maturity will be at a greater advantage. This is why the PROOF maturity model was created, with mappings to relevant regulation and standards such as the UN Regulation 155 and the ISO/SAE 21434.
This week, Escrypt, KPMG and Alyne will be facilitating a workshop at escar – the world's leading automotive cyber security conference.
The Workshop: UN R 155 and beyond: Measure, build, and improve your CSMS with the PROOF maturity model. Facilitated by Moritz Minzlaff (Escrypt), Jan Stölting (KPMG) and Felix Schock (Alyne).
The workshop will address key questions around the readiness of organisations for upcoming regulation and cybersecurity in the age of software defined cars. Who are the critical suppliers and are they mature enough? How do we ensure that security awareness translates into actual improvements of the product security organisation? Furthermore, this workshop provides participants with insights and tools on how to measure, build, and improve the maturity of their cybersecurity management system (CSMS).