Risk Determination and Treatment in automotive – Video course

Learn how risk values are derived and ISO/SAE 21434 risk treatment recommendations

In this last video course of our Cybersecurity Risk Assessment chapter, you will learn about the last two steps of the TARA: risk determination and risk treatment. We will provide a thorough explanation of how risk determination is executed. Additionally, you will learn how to make the right risk treatment decisions, as recommended by ISO/SAE 21434.


Prioritize Properly with the Right Risk Determination and Treatment Decisions

After defining all the cybersecurity assets, threat scenarios, and their likelihood of actually happening, a process and structured approach are needed to deal with the risks. This is why the TARA process includes risk determination and risk treatment decisions. In this video course, “Risk Determination and Treatment Decisions”, we will go over these last two steps to complete the CYRES Academy Cybersecurity Risk Assessment chapter.

To start with, we will introduce what risk determination is, what its purpose is, and how it is done using the previously defined outputs: the impact rating and attack feasibility values defined in the attack path and feasibility analysis. Moreover, we will introduce the risk matrix recommended by ISO/SAE 21434 and explain the values that should be assigned. This determines how important a risk is and how much attention it should get.

Afterwards, we will introduce the next and final step, the risk treatment. First, you will get an overview of the different risk treatment approaches recommended by ISO/SAE 21434 including retention, mitigation, avoidance, and sharing. Finally, we will also highlight when sharing is a suitable treatment in the context of the automotive industry.

Why the Risk Determination and Treatment video course is important

Get the final picture of the TARA

With the last two missing pieces of the puzzle in place, you will finally complete the overall TARA process and the CYRES Academy Cybersecurity Risk Assessment chapter. By the end of this video, you will know all the contents of the TARA as a whole and in accordance with ISO/SAE 21434.

Learn how to treat risks right

After completing this video course and chapter, you will not only have learned about the main TARA activities and the inputs and outputs required by ISO/SAE 21434, but you will also know how to prioritize risks correctly and make the right treatment decisions.

Risk Determination and Treatment – Video course content

I. Risk Determination and Treatment: an introduction

Find out in this section what you will learn during this video course and what value it has to offer.

II. ISO/SAE 21434 Risk Assessment Process

As usual in the cybersecurity risk assessment video courses, we will highlight where the risk determination takes place in the overall TARA process and the goal for this step.

III. Risk determination

Get to know what risk determination is in the context of ISO/SAE 21434 and how the impact rating and attack feasibility values from the attack path and feasibility analysis are taken into account using a risk matrix. An example is included, where the values for the attack feasibility rating are explained.

IV. Risk Treatment: overview and definition

Going back to the overall TARA process, we will explain the concept of risk treatment and the corresponding treatment decisions.

V. Risk treatment: a closer look

Get a detailed explanation of each of the previously defined risk treatments and how each of them is made and handled. Plus, we will provide ISO/SAE 21434 recommendations and requirements.

VI. Risk Determination and Treatment – Sum Up

Here, we will provide a summary of the main points learned during this video course in bullet points.
