NHTSA Must Define Role, Responsibility if There's Vehicle Cyberattack, GAO Says
Federal transportation regulators need to define and document government's role and responsibilities to address cyberattacks on vehicles, especially as autonomous and connected-vehicle technologies are deployed, GAO said in a Monday report. It said the National Highway Traffic Safety Administration is…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
investing more in cybersecurity research and is soon expected to release industry guidance to help decide when vulnerabilities should be considered safety defects in justifying recalls. NHTSA also is examining the need for cybersecurity standards and regulations, but such guidance won't be available for another two years at least, GAO said. Until NHTSA develops a plan defining its role, "the agency's response efforts could be slowed as agency staff may not be able to quickly identify the appropriate actions to take," GAO said. The report also said several industry led-efforts are underway to help automakers and parts suppliers to mitigate cybersecurity vulnerabilities, increase threat and vulnerability information sharing among companies and deploy better technologies such as message encryption and authentication.