Clarity of the requirements, harmonization of the terminology and standardization of all the relevant disciplines involved:
- ISO/SAE 21434 Road Vehicles – Cybersecurity Engineering
- and UN Regulation No. 155
stand for the ambition of a consistent standardization in the field of automotive cybersecurity. This also affects the levels of cybersecurity competence and cybersecurity culture.
A major challenge here is not only developing the necessary skills and awareness (e.g., through training), but also providing the corresponding, reliable evidence of these skills.
For instance, ISO/SAE 21434 specifically points out that the evidence of a practiced competence management becomes as necessary as the evidence of the continuous establishment of a cybersecurity culture. Organizations are obliged to meet these documentation requirements with a framework that is applicable throughout the organization and well established in the industry, such as the ACP Framework of the CYRES Academy.