The Automotive Industry Action Group (AIAG), in partnership with NQC—a leader in cyberthreat detection—have launched a suite of cybersecurity tools to help automotive suppliers compare their cybersecurity capabilities with industry best practices.
The Supply Safe™: Cyber Safe Bundle includes a one-time third-party virtual audit, along with either a basic or advanced enterprise risk assessment. Together, these resources allow suppliers to evaluate their overall cybersecurity efforts and identify the most critical areas for improvement.
The Supply Safe™: Cyber Virtual Audit is a remote threat analysis that searches a supplier provided URL or domain name for known vulnerabilities using a database of more than 53,000 common configuration issues, which is updated in real time with the latest threats. The audit—which is non-intrusive and will not damage the resource being checked—identifies systemic weaknesses and provides an automated corrective action plan with practical steps the supplier can take to immediately improve its cybersecurity. Real-time signposts guide suppliers on what to do to improve their cyber capabilities, which means they can take action more quickly.
AIAG Director, Supply Chain Products and Services, Tanya Bolden said the frequency, sophistication, and virulence of cyberattacks has grown exponentially over the past five years.
“These attacks are a clear and present danger to the security of our global supply chain, impacting both direct and indirect suppliers,” Bolden said. “AIAG remains committed to making resources developed by OEMs available to smaller companies in the automotive supply chain—companies that may not have the budget or expertise to proactively protect themselves along with their customers’ and suppliers’ data.”
The Cyber Risk Assessment questionnaire, both the basic and advanced version, is based on AIAG’s CS-1 document – the Cyber Security 3rd Party Information Security guideline—which is the collaborative work of automotive volunteers facilitated by AIAG. This new risk assessment defines the minimum-security requirements needed to support the secure exchange of information within the automotive supply chain.
NQC Managing Director Charles Morrison said the consequences of a cybersecurity breach are extremely alarming, with 60 percent of small companies failing to recover.
“With only 14 percent of smaller enterprises rating their ability to defend against a cyber attack as effective, automotive suppliers should be strongly encouraged to make use of the Cyber Safe Bundle,” Morrison said. “We are very pleased to bring our expertise to this collaboration with AIAG and we are confident this suite of tools will provide much needed protection to suppliers across the industry.”