The automotive industry faces a significant challenge: ongoing technological evolution on the one hand, and already effective cybersecurity standards and regulations on the other. With
- ISO/SAE 21434 Road Vehicles – Cybersecurity Engineering
- and UN Regulation No. 155
standardized principles for automotive cybersecurity are becoming established. This also involves cybersecurity competence and cybersecurity culture.
Not only does building and developing the necessary skills and associated awareness (e.g., through training) become a challenge, but also providing reliable evidence of this.
ISO/SAE 21434 indicates (also see The Essential Guide to ISO/SAE 21434) that demonstrating an implemented competency management becomes as necessary as demonstrating the establishment of a cybersecurity culture. In order to ensure the proper compliance here, documentation of implemented measures will become mandatory.
To do so, an organization-wide valid framework that is established in the industry is needed, such as the ACP Framework of the CYRES Academy.