Automotive Industry

Automotive Industry

About Our Automotive Industry Experience

Law & Forensics cybersecurity practice in the automotive industry provides Tier 1 suppliers with in-depth security testing and analysis. Managing cybersecurity risks in the automotive sector is getting more difficult as vehicles progress to an autonomous world. As a result, assuring systems have been tested and hardened against hacking vulnerabilities is more crucial than ever for OEMs and vehicle part manufacturers.

Our experts are skilled at assessing security controls within automotive-specific security standards, frameworks, laws, and policies. Conducting a thorough analysis of various embedded security tools and processes specific to automotive technology. Analyzing data flow surrounding personal information stored in systems as it merges with the evolving technology of vehicles.

Our Services

Decades of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Security Assessment Security Control Baselines Tabletop Testing

Security Assessment

Work with clients to identify the flow of data through the vehicle network and establish known cybersecurity threats.
Work with Tier 1 suppliers and OEMs to secure the supply chain.
Conduct assessment of the privacy and cybersecurity threats specific to vehicles according to OEMs policies, state, federal, and regulatory laws and frameworks.

Security Control Baselines

Serve as an independent third party to assess OEMs and Tier-1 suppliers internal incident response plans, controls, protocols, etc., against industry standards.
Work with legal, audit, information security, and information technology stakeholders and staff to identify any gaps in existing cybersecurity and privacy controls and policies and assist companies in addressing gaps.
Identify potential cybersecurity and privacy risks concerning automotive technologies and work with the engineering teams to address these issues/risks.

Tabletop Testing

Create and develop robust tabletops to test automotive companies’ cybersecurity controls and processes and also specific tabletop scenarios for vehicles.
Work with organizations to identify gaps and issues identified in the tabletop and work with the client to address these gaps.
Present results of tabletops to senior leadership and board members to demonstrate the current state of the cybersecurity program.

Case Studies by Industry

Automobile Supplier

Industry/Sector: Automobile Supplier: Tire Mounting

Type of Service: Incident Response to Data Breach

Description: Hired at the direction of general counsel to remediate a cyber incident. Efforts included:

Utilized Forensic Scan, Law & Forensics patented cutting-edge cyber security incident response tools, to analyze devices in half the time of industry norms.
Analyzed complex logs provided from hundreds of endpoints.
Remediated and restored the infected devices on time and under budget.

Tier 1 Supplier

Industry/Sector: Automotive Tier 1 Supplier

Type of Service: Create, Deliver, and Deploy an Incident Response Plan

Description: Retained by an automotive Tier 1 Supplier to create an incident response plan. Efforts included:

Created an incident response plan that allowed senior IT, audit, legal, and information security stakeholders to recognize and deal with a cybersecurity incident like a data breach or cyberattack, and deploy the incident response plan across the entire enterprise and tested it using tabletop scenarios.
Ensured that the information security team was trained to regularly train the staff with incident response responsibilities and developed the appropriate reporting and escalation procedures in coordination with the IT, audit, compliance, and legal teams.
Worked with the IT and information security organization to set up alerts from intrusion detection, intrusion prevention, and file integrity monitoring systems.
Assisted the legal and information security and technology stakeholders and staff with policy creation or modification to support the incident response plan.

Automotive Design

Industry/Sector: Automotive Design

Type of Service: Cybersecurity Strategy Consulting

Description: Hired to work with a global automotive sector design company to review and audit the cybersecurity program and make recommendations. Efforts included:

Analyzed vehicle architecture and design for specific safety-critical vehicle components.
Identified cybersecurity program gaps and their impact on the vehicle supply chain.
Drafted a report that the company used to improve its cybersecurity program.

Expert Witness

Industry/Sector: Automotive Expert Witness

Type of Service: Expert Witness for Automotive OEM

Description: Retained by automotive OEMs to provide expert opinion regarding compliance and cybersecurity. Efforts included:

Evaluated and assessed the cybersecurity risks associated with automotive electrical architecture platforms.
Researched and wrote an expert report presenting the findings on critical safety elements of vehicle cybersecurity.
Utilized decades of industry knowledge to communicate the security risks for emerging vehicle technology.

Automotive Industry

About Our Automotive Industry Experience

Security Assessment

Security Control Baselines

Tabletop Testing

Newsletter

Contact Us

CYBERSECURITY PRACTICE

EDISCOVERY PRACTICE

DIGITAL BANKING

FORENSICS PRACTICE

ARTICLES

WEBINARS

RESOURCES