On May 26th, 2020, the Automotive Parts Manufacturers’ Association (APMA) of Canada and CloudGRC Inc. launched the APMA Institute of Automotive Cybersecurity (APMAIAC). The institute would assist in providing guidance and best practices to Canadian automotive parts manufacturers, helping support the privacy/safety/security culture. Companies and organizations need to understand how cybersecurity risk affects a company’s bottom line and can drive up cost and affect revenue.
Cybersecurity in all industries is on national agendas as everything within the industrial ecosystem increasingly becomes more connected to the internet and other technical systems by wireless and physical means to the outside world. The automotive industry is fast becoming the technology-leader in both software and hardware. Multitudes of vendors supply the electronics in vehicles, from numerous suppliers, who have no common cybersecurity standards to adhere to, making the current supply chain for vehicles porous concerning cybersecurity. Every possible vendor and all electronic components are a point of vulnerability.
Governance (Program development)
Assessments (Examine your organization’s defense mechanisms)
Education (& Awareness)
Technology (Enabling the adaptation of new technologies)
A comprehensive Cyber Governance approach is an integral component of ensuring that the Supply Chain of the Canadian Automotive Sector is secure and critical data assets protected. In addition, Industry 4.0, Manufacturing, SmartCities & Transportation are all areas that need to address, manage, and mitigate Cyber Risk during this new era of Mobility that is transforming our lives.
apmaIAC is offering complimentary Cyber Assessments to Canadian automotive suppliers. Building on the APMA CyberKit 1.0, launched in November 2019, the apmaIAC takes firms through the various building blocks of Cyber Governance, such as Organization Structure, Policies & Procedures, Cybersecurity Awareness, Incident Response, and Cyber Insurance.
The threat is real, and our factory floor systems, the engineering offices, are all weak links in safeguarding technical/intellectual property information.