The upcoming regulatory mandates from UNECE’s WP.29 and ISO 21434 drive the compliance requirements for securing the security lifecycle in the automotive industry. In order to achieve this compliance, the unique complexities of the automotive industry require a holistic approach to securing the cars of the future covering all 3 phases of a vehicle lifecycle: design and development, manufacturing, and operation of the cars in the field – and ultimately managing the full 15-20 year security lifecycle for each vehicle
To address these unique challenges, in an innovative collaboration Argus Cyber Security, CyberArk, Device Authority, and Microsoft are joining forces to create the next generation solution for automotive and mobility security. This comprehensive platform-based approach addresses the complex challenges of securing connected vehicles, ensuring data sovereignty, management, and compliance, and safeguarding cloud and enterprise environments by leveraging the latest Azure OpenAI Security Co-pilot technologies from Microsoft. This collaborative effort represents a significant leap forward in automotive and mobility security, combining the strengths of each company to create a robust, end-to-end solution. By addressing the unique challenges posed by connected vehicles, this partnership is poised to set new benchmarks for security data management and compliance in the rapidly evolving automotive landscape.
Key Areas of Collaboration and Innovation:
Comprehensive Secure Software Development Environment
Leveraging the GitHub Copilot and development environment, accelerating software development, and enabling developers to focus more energy on problem solving and collaboration and spend less effort on the mundane and boilerplate. Using binary code decomposition tools to establish the security posture of the large automotive software threat surface.
End-to-End Security –
Seamless integration of cybersecurity solutions to ensure end-to-end security for connected vehicles and cloud environments including Vehicle Security Operation Center (VSOC) and Vehicle to Cloud (V2C) communications.
Comprehensive Threat Detection –
Including actionable insights and Incident Response Automation to detect more threats with higher accuracy while reducing response time and manual effort by leveraging Azure OpenAI Copilot technologies.
Comprehensive Visibility –
Leverage data connectors to provide a holistic view of security across connected vehicles, cloud, VSOC, and the entire vehicle ecosystem.
Comprehensive Posture Management for the Life of the Cars on the Road –
Leverage SBOM analysis tools, IDPS system, Security Copilot and up to date Threat Intelligence, manage the lifecycle of security and compliance for the cars on the road.
Innovation in Connected Car Solutions –
The combined expertise of Argus Security, CyberArk, Device Authority, and Microsoft drives innovation in automotive security, data sovereignty, management, and compliance, setting new standards for the industry
Key Components of the Solution
Argus Cyber Security:
Delivers in-vehicle and cloud-based cybersecurity technologies for automakers:
About Argus:
Argus, a global leader in automotive cyber security, provides in-vehicle and cloud-based cyber security technologies for automakers and suppliers, to ensure that vehicle components, networks and fleets are secured and compliant throughout their life cycle. Argus’ innovative methods and solutions are based on decades of cyber security and automotive research and have culminated in over 100 granted and pending patents. Founded in 2014, Argus is headquartered in Israel, with offices in USA, Germany, France, Japan, and Korea.
CyberArk:
Specializes in identity security for cloud and enterprise environments across all industries.
Protects credentials and secrets of administrators, users, applications, and machines interacting with connected vehicles and data.
About CyberArk:
CyberArk is the global leader in identity security. Centered on intelligent privilege controls, CyberArk provides the most comprehensive security offering for any identity — human or machine — across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.
To learn more, visit www.cyberark.com.
Device Authority KeyScaler:
Provides automated machine identity lifecycle and key management for IoT devices in vehicles and automates secure vehicle to cloud communications:
About Device Authority
Device Authority secures the connected future by automating Zero Trust security at scale and is a recognized global leader in Identity and Access Management (IAM) for Enterprise IoT ecosystems. Device Authority’s KeyScaler identity security platform and KeyScaler-as-a-Service (KSaaS) allow organizations to reduce human error and accelerate incident response, minimizing risk, ensuring complete device and data trust, and enabling trusted AI in any connected environment.
Microsoft Manufacturing and Mobility Industry Team
At Microsoft, along with our partners, we have curated a broad portfolio of platform-based products and services for a comprehensive support of automotive and manufacturing industries during the three lifecycle phases of development, production, and post-production, and all the associated homologation processes. For this collaboration, GitHub Copilot will be leveraged for the design and development phase. Microsoft’s Purview platform which is now enabled with Azure OpenAI tools and copilot, provides data security and governance across various data estates while reducing risk and meeting compliance requirements. Microsoft Sentinel which is a Cloud-native SIEM and SOAR platform for collecting, analyzing, and responding to security events along with Defender Threat Intelligence, enabled with Azure OpenAI Copilot, provides a comprehensive VSOC operation. The VSOC platform ingests data from CyberArk, Device Authority, Argus Security, and other sources, including Microsoft’s 65 trillion Threat Intelligence, leveraging Security Copilot to identify, prioritize and mitigate critical threats proactively at machine speed.
What’s Next:
The complexities of the automotive industry require a holistic platform-based approach to securing the cars of the future, where the ecosystem of partners can combine their state-of-the-art products, know how, innovative approaches, and leveraging the most advanced generative AI enabled security technologies, to address the unique challenges of the automotive industry. Stay tuned for the specifics of what this collaborative platform enables in the near future.