Bring An Equalizer to the Fight. Choose a Firm That Was Created to Advocate for Victims.

NHTSA Publishes Vehicle Cybersecurity Guidance

The National Highway Traffic Safety Administration (NHTSA) recently released proposed guidance for improving motor vehicle cybersecurity. The new guidance aims to protect vehicles from malicious cyberattacks and unauthorized access.

As we have previously discussed on this San Diego Injury Blog, cyberattacks are a growing concern when it comes to vehicle safety. Because modern vehicles are increasingly “connected,” they are more prone to security breaches. In the most highly publicized incident, hackers were able to identify and exploit security vulnerabilities in a Jeep Cherokee’s UConnect entertainment system. Once they remotely accessed the system, the hackers were able to change the vehicle’s speed and control the brakes, radio, windshield wipers, transmission and other features that are accessible through the system.

The latest guidance is the product of public feedback gathered by NHTSA, as well as the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity. It applies to all individuals and organizations manufacturing and designing vehicle systems and software. These entities include, but are not limited to, motor vehicle and motor vehicle equipment designers, suppliers, manufacturers, and modifiers.

The proposed cybersecurity guidance calls for layered solutions that are designed to not only prevent a cyberattack, but also lessen the impact of a successful security breach. "In the constantly changing environment of technology and cybersecurity, no single or static approach is sufficient," said NHTSA Administrator Dr. Mark Rosekind. "Everyone involved must keep moving, adapting, and improving to stay ahead of the bad guys."

The proposed cybersecurity guidance recommends that auto manufacturers employ “risk-based prioritized identification and protection of critical vehicle controls and consumers' personal data.” It further highlights that the safety of vehicle occupants and other road users should be of primary consideration when assessing risks. In addition, the guidance emphasizes that auto companies should consider the full life-cycle of their vehicles when assessing risk and facilitate rapid response and recovery when cybersecurity incidents do occur.

This cybersecurity guidance also highlights the importance of making cybersecurity a top leadership priority for the automotive industry. It further suggests that companies should demonstrate it by “allocating appropriate and dedicated resources, and enabling seamless and direct communication channels though organizational ranks related to vehicle cybersecurity matters.”

If you or someone you care about has suffered serious harm due to a defective vehicle, you may be entitled to compensation. For more information, please contact a San Diego product liability attorney at the Law Offices of Robert Vaage for a free consultation.