The Auto-ISAC said in a statement that it has signed a Cooperative Research and Development Agreement (CRADA) with the U.S. Department of Homeland Security (DHS) to collaborate.
Private sector companies sign a CRADA with DHS to participate in the Cyber Information Sharing and Collaboration Program (CISCP), the department’s flagship program for public-private multi-directional cybersecurity information sharing and collaboration.
The agreement could facilitate access to DHS’ National Cybersecurity and Communication Integration Center (NCCIC), a security operations watch center. The agreement also provides ISAC personnel with eligibility for security clearances to view classified threat information.
CISCP partners voluntarily submit indicators of observed cyber threats and information about cyber incidents and identified vulnerabilities, done in an anonymized, aggregated fashion. Data submitted to CISCP falls under the Protected Critical Infrastructure Information Program and are statutorily exempt from regulatory use or any disclosure under the Freedom of Information Act or state Sunshine Laws.
One key component of the agreement is the ability of representatives of the Auto-ISAC to sit side-by-side with government, other ISAC partners and companies to share and analyze information and block cyber threats before damaging compromises occur, says Auto-ISAC.
Background on the Auto-ISAC
The Auto-ISAC facilitates sharing information pertaining to cybersecurity threats affecting the automotive industry. The organization was established in 2015, when Global Automakers, the Alliance of Automobile Manufacturers and 15 automakers joined forces to establish a global community to foster collaboration. Membership is open to light- and heavy-duty vehicle OEMs and suppliers, and commercial vehicle sector (e.g. fleets, carriers).
[Image courtesy: Auto-ISAC]