The mission of Auto-ISAC (Automotive Information Sharing and Analysis Center) is to be the independent broker of information to help the auto industry share data, learn about threats that could affect the industry, and form techniques to mitigate those threats. If there’s a “bad guy” attacking the industry, it’s Auto-ISAC’s goal to protect the industry against it.
To help accomplish this goal, Auto-ISAC forms partnerships with various private companies, industry associations, and government agencies. Recently, Auto-ISAC formed a partnership with the IARA.
Faye Francy took the mantle of Auto-ISAC’s first executive director nearly two years ago. This, however, wasn’t the first time that she had served as an executive director, before her start at Auto-ISAC she was the executive director of Aviation-ISAC. Before then, she worked at the Boeing Company for about 25 years.
Her transition to executive director of Auto-ISAC occured almost by happenstance. She had recently retired from her role as executive director of Aviation-ISAC and was helping out the automotive ISAC as it was trying to understand how to operate as an ISAC.
At the time that she began working with Auto-ISAC, the organization had only recently been formed. In 2014, 15 OEMs came together and created the non-profit to enhance the knowledge base of the industry.
“So I was helping them because they’re very similar industries, platforms, manufacturing, culture, etc. And so I thought I was going to do a consulting job where I could actually retire and have fun, but instead, it was a full-time job,” said Francy.
The model for an ISAC was originated in 1998 under President Bill Clinton after he recognized that 80% of the critical infrastructure in the United States was owned or operated by the private sector, according to Francy.
The president had concern that the private sector did not have the same intelligence that the government did, so he wanted to help. This resulted in the ISAC model, which would give the private sector the ability to collaborate amongst themselves, but also with government agencies for additional data.
The first ISAC that stood out was Financial Services ISAC, Francy noted. Today, there are roughly 23 ISACs in various fields such as IT, communications, and manufacturing.
Technology inside vehicles is moving at an unprecedented pace, according to Francy. Inside a vehicle, there are roughly 100 million lines of code operating the vehicle, that’s more than what is inside a 787 or jet fighter aircraft, she noted.
This is why the mission of Auto-ISAC is as crucial as it is, Francy added, the automotive industry is traversing through uncharted waters, so to speak.
“There are risks with the interconnectivity coming to vehicles. We call it the Internet of Things, I call it the Internet of Threats because the more we interconnect, the more opportunity for vulnerability, whether its simple software bugs or things we hadn’t thought about in our designs. I hope you’re thinking about cyber hygiene in your company, and I Hope that you’re doing training exercises to address them,” said Francy.