Latest ENISA recommendations to help CAM stakeholders mitigate cybersecurity risks

May 13, 2021
Connected Car Security

The European Union Agency for Cybersecurity’s (ENISA) latest report lays out various recommendations for the security of connected and automated mobility (CAM). The report, released on May 5, 2021, also provides an overview of the cybersecurity challenges in the CAM sector, highlighting both the concerned CAM actors and related recommendations.


The CAM sector is composed of an ecosystem of services, operations, and infrastructure formed by various stakeholders and actors. It helps industries transform while meeting the various needs of consumers. The demand for connected vehicles, which help make transportation easier, also means that the CAM sector must enhance its cybersecurity and resilience, mitigating attacks that can threaten the safety and protection of citizens.


ENISA lists challenges and recommendations, aiming to contribute to the improvement and harmonization of cybersecurity in the CAM ecosystem in the EU. Here are the listed challenges and recommendations from the report:


  • Governance and cybersecurity integration in corporate activity. Stakeholders may find it challenging to integrate cybersecurity governance in their CAM ecosystem. To address this, it is vital to promote cybersecurity and digital transformation at the board level in the organization.


  • Technical complexity in the CAM ecosystem. Interactions, supply chain management, and dependencies are major challenges in the sectors. ENISA recommends promoting the use of suitable certification schemes and security evaluation for both on-board and off-board solutions. The agency also recommends promoting the standardizing of the discovery and remediation of threats during the product’s lifetime.


  • Inadequacy of expertise and skills resources for CAM cybersecurity. The lack of cybersecurity experts in the market is a huge hurdle for adopting the security measures specifically made for CAM products and solutions. The report recommends cross-functional security and safety knowledge exchange between IT/OT and mobility experts. ENISA also recommends introducing programs at educational institutions to address the lack of security and safety knowledge across the industry.


Improved safety for better consumer experience


A survey conducted by HSB found that connected car security is a major concern for consumers. Thirty-seven percent of the respondents said that they were somewhat or very concerned about the safety of connected cars.


Growing concerns mean that today’s connected vehicles along with connected environments and infrastructures should come with new capabilities and features, which provide increased safety, better vehicle performance, and competitive digital products and services.


Moreover, they must also have improved comfort, environmental friendliness, and user-friendly systems and equipment convenient for its customers.


It is also paramount for stakeholders to know and understand the risks associated with connected cars and the CAM sector.


As a leader in cybersecurity solutions, Trend Micro has conducted numerous comprehensive research and studies, looking into solution development in connected cars.


Read Trend Micro’s comprehensive white paper, “Cybersecurity for Connected Cars: Exploring Risks in 5G, Cloud, and Other Connected Technologies”, identifies and provides valuable insights into prevention techniques against security risks.


To learn more about standards with cybersecurity engineering guidelines for all process across every phase of a connected vehicle’s lifecycle, download “ISO/SAE 21434: Setting the Standard for Connected Cars’ Cybersecurity”, which extensively discusses ISO/SAE 21434 and includes Trend Micro’s recommendations for automotive manufacturers, suppliers, vendors, and mobility service providers.


Author: Ericka Pingol

This website uses cookies for website functionality, traffic analytics, personalization, social media functionality, and advertising. By continuing to browse, you agree to our use of cookies.
Learn moreprivacy policy