March 19 - 21, 2024
Sheraton Ann Arbor Hotel, Michigan
Automotive Cybersecurity Day Two | March 20, 2024
7:00 am - 7:30 am
REGISTRATION – GET BADGED UP!
7:30 am - 8:15 am
WOMEN IN AUTOMOTIVE BREAKFAST | EVERYONE’S INVITED!
8:15 am - 8:20 am
AUTOMOTIVE IQ WELCOME
8:20 am - 8:30 am
CHAIRPERSON’S OPENING REMARKS
Sean Barry -
Business Development & Partnerships,
Cybellum
8:30 am - 9:00 am
TAKE A HOLISTIC APPROACH TO AUTOMOTIVE CYBERSECURITY | OEM BEST PRACTICES TO ENSURE PRODUCT, IT/OT, AND MANUFACTURING SECURITY
Stephen McKnight -
Director of Product Cybersecurity,
Stellantis
A comprehensive automotive cybersecurity program requires a robust strategy for all three pillars: IT/OT security, product security and manufacturing security. But there can be a disconnect as different groups look at security through different lenses. Recognizing that cybersecurity is not only valuable but vital for the automotive industry and there’s no way around it, we’re setting the tone of this conversation and pushing for internal development and synergy.
Join your peers for a look at how a leading OEM has developed and implemented a robust, holistic cyber security program that is not only compliant with ISO/SAE 21434, and R155/R156 but agile enough to adapt to and embrace future regulations.
What will you learn:
o How the company approaches 21434, R155 and R156 compliance.
o How many layers of protection were needed; what is a must-have, what is a nice-to-have and what is optional.
o How far and deep did the OEM go and where did they see the biggest bank for their buck.
o Understand what a mature program looks like, and how is maturity measured.
o Establish which part of the product development lifecycle is more important to secure.
9:00 am - 9:50 am
WHAT IS AND IS NOT POSSIBLE WITH AI & THE IMPACT OF AI IN THE AUTOMOTIVE INDUSTRY
Danil Prokhorov -
Research Manager,
Toyota Motor R&D
10:20 am - 11:05 am
PIONEERING RISK MANAGEMENT AND AI IN VEHICLE SECURITY
Franz-Josef Schuermann -
Chairman of the Board,
itemis AG
10:20 am - 10:50 am
MORNING REFRESHMENT BREAK & WALKTHROUGH WITH EXHIBITORS
10:50 am - 11:20 am
ROADMAP TO RESILIENCE: CRAFTING AN AUTOMOTIVE CYBERSECURITY MATURITY MODEL
John Auld -
GM North America,
Cybellum
11:35 am - 12:20 pm
DRIVING FORWARD: PROTECTING THE MODERN AUTOMOTIVE SOFTWARE SUPPLY CHAIN
Larry Pesce -
Product Security Research and Analysis Director,
Finite State
12:20 pm - 1:00 pm
PAIRING AI AND HUMANDS TO DEFEAT AI-ENHANCED CYBER THREATS TO OT & IOT SYSTEMS
12:50 pm - 2:00 pm
NETWORKING LUNCH BREAK - Hosted by C2A Security
1:00 pm - 2:00 pm
MICRON'S LUNCH & LEARN VIP WORKSHOP: BALANCING COST & QUALITY IN YOUR NEXT BIG VEHICLE APPLICATION THROUGH INTELLIGENT MEMORY SELECTION
2:00 pm - 2:40 pm
VSOC 3.0: MANAGING SCALE
Giuseppe Serio -
Vice President Market Development,
Upstream Security
2:40 pm - 3:10 pm
LESSONS LEARNED ON HOW OEM, TIER-1 & TIER -2 COMPANIES EMPLOYED RISK ASSESSMENT AND VULNERABILITY MANAGEMENT TO ENSURE CYBERSECURITY | REAL USE CASE PRESENTATIONS
Riley Forester -
Deputy Information Security Officer,
Mercedes-Benz USA
Improve your capability to identify and understand vulnerabilities and their impact, through the real-life experiences of a leading OEM/Tier-1 company as they share lessons learned on:
o Risk and vulnerability management and how they collaborated and worked together to find a common solution to mitigate risk.
o Recommendations on how to overcome gaps in cybersecurity systems and ways to improve them.
3:10 pm - 3:40 pm
PRESENTATION: SWITCHING GEARS TO A RISK-DRIVEN APPRAOCH TO PRODUCT SECURITY
3:40 pm - 4:10 pm
AFTERNOON REFRESHMENT BREAK & WALKTHROUGH WITH EXHIBITORS
COMPLIANCE WITH ISO/SAE 21434 & WHAT’S EXPECTED IN THE NEXT ITERATION
4:00 pm - 4:15 pm
101-BRIEFING – INTERPRETING THE ISO/SAE 21434 STANDARD
Tim Weisenberger -
Senior Program Manager of Emerging Technologies,
SAE International
4:15 pm - 5:05 pm
END-TO-END JOURNEY TO ACHIEVE ISO/SAE 21434 COMPLIANCE | OEM PRESENTATIONS & ROUNDTABLE DISCUSSION
Alexander Bermudez -
CISO & DPO,
Fisker Inc
David Gutierrez - Sr. Embedded Cybersecurity Engineer, Nikola Motor Company
This presentation focuses on one leading OEM’s journey through the implementation of and compliance with ISO/SAE 21434. Hear an expert as they share experiences and solutions to overcome challenges encountered during the process. Take the opportunity to learn and share ideas & experiences as part of this presentation and roundtable exercise.
o Learn how metrics were established around implementation of 21434.
o Find out the exact process that was adopted to achieve compliance.
o How did the OEM prove that they were compliant?
o Gain clarity on what challenges to expect on the road to compliance and what measures to adopt to mitigate them.
5:15 pm - 5:30 pm
WHERE IS ISO/SAE 21434 EXPECTED TO GO IN THE NEXT ITERATION? PANEL DISCUSSION ON CHANGES, UPDATES & AMENDMENTS THAT ARE LIKELY TO COME IN EFFECT
Charles Wilson -
Technical Fellow, Cybersecurity Engineering,
Motional
Tim Weisenberger - Senior Program Manager of Emerging Technologies, SAE International
Sean Barry - Business Development & Partnerships, Cybellum
This battle for 21434 compliance is ending soon. We’re only on version one of the standard, and many companies have still not fully grasped the extent of 21434. This version is great for a first pass, but it is going to be amended, updated, and changed within the next 12-18 months.
o What changes/updates are in the pipeline and how could they affect your future product launches?
o What might be the timing for when new changes come into effect?
o How can OEMs prepare now for future regulatory changes?
o Do organizations see ISO/SAE 24089 becoming more uniform? is it complementary to ISO/SAE 21434?
Take a seat in the audience and listen to expert views on these questions among others and leave better prepared to tackle future changes to the existing 21434 standard.
5:20 pm - 5:50 pm
PRESENTATION | SCRUTINIZE EMERGING THREATS THAT CAN POTENTIALLY BE CAUSED BY ADVANCEMENTS IN TECHNOLOGY & HOW TO MITIGATE THEM
Hemanth Tadepalli -
Cybersecurity Compliance Engineer,
May Mobility
SOFTWARE BILL OF MATERIALS (SBOM)
5:50 pm - 6:20 pm
PRACTICAL STRATEGY ON HOW TO USE SBOM, AND GEN-Z NAVIGATING AUTOMOTIVE CYBERSECUIRTY
Jason Israilov -
Cybersecurity Software Engineer,
Bosch USA
o Join this speaker as he gives the audience a walkthrough on how to use SBOM in a way where it makes sense for the automotive industry and share foresight on the future of SBOM, and explore the perspective of a 'Gen-Z' cybersecurity engineer.
6:10 pm - 6:20 pm
LET’S GET INPUT FROM EXPERTS IN THE AUDIENCE BEFORE WE FINISH FOR THE DAY: WHERE DOES IT MAKE SENSE TO USE ZERO-TRUST IN AN AUTOMOTIVE ENVIRONMENT?
6:20 pm - 6:25 pm
CHAIRPERSON’S CLOSING REMARKS & END OF DAY TWO
Sean Barry -
Business Development & Partnerships,
Cybellum
6:30 pm - 8:00 pm
OFFSITE NETWORKING DRINKS RECEPTION – Hosted by Upstream Security - RSVP Now!
During the event, Upstream will offer guided tours of their vSOC, where you will be able to see up close:
- Upstream’s vSOC team is in action as they monitor millions of connected vehicles, applications, and mobility IoT devices in real-time.
- Simulation of a cyber threat incident detection & response.
- The latest implementation of Upstream’s new GenAI capabilities.
This reception will take following the end of the conference day on March 20, 6:30pm onwards.
We will provide transportation to and from the venue.
We’d love for you to join! Please RVSP here via this link: Upstream’s Annual Ann Arbor Reception (AutomotiveIQ) - Upstream Security
