Incident Response Procedures – Summary
Incident response is a relatively new area of security for the automotive sector, at least where it concerns connected vehicles. The industry is still focused primarily on preventing threats and, to a certain extent, on detecting them, and much less on responding to them. This pre-emptive effort has been recognized as important by the industry, but there are no automotive-specific guidelines or best practices in this area. This domain offers information on the current de facto standards used by the cybersecurity industry generally, which are applicable across sectors and markets.
These three standards are global and were developed by ISO/IEC. They form part of the internationally recognized information security standards, and as such can and should apply directly to the automotive industry. They are: ISO/IEC 27035:2016 Information Technology — Security Techniques — Information Security Incident Management, ISO/IEC 29147:2018 Information Technology — Security Techniques — Vulnerability Disclosure, and ISO/IEC 30111:2013 Information Technology — Security Techniques — Vulnerability Handling Processes.