CSC News Table of Contents
Automotive Cybersecurity Partnership between Sasken and VicOne signals a stronger push to secure connected vehicles from design to road. By aligning engineering and operations, the companies target security by design and real-time defense.
In the full announcement, the teams commit to joint solutions across software, cloud, and fleet security. This Automotive Cybersecurity Partnership emphasizes lifecycle security for global automakers and suppliers.
Automotive Cybersecurity Partnership: Key Takeaway
- This Automotive Cybersecurity Partnership delivers integrated engineering and monitoring that help automakers meet safety standards and reduce cyber risk across lifecycles.
Why This Automotive Cybersecurity Partnership Matters
The Automotive Cybersecurity Partnership marries Sasken’s embedded and AUTOSAR experience with VicOne’s threat intelligence and vehicle security operations.
The goal is to turn security goals into measurable engineering tasks that meet NHTSA cybersecurity guidance and industry norms without slowing production.
Through the Automotive Cybersecurity Partnership, development teams can map vulnerabilities to fixes and monitor fleets for new threats.
For operational resilience, manufacturers can strengthen vulnerability management with enterprise tools such as Tenable for proactive exposure analysis and improve network visibility across plants and labs using Auvik for network monitoring, both of which complement secure engineering workflows.
Technology Backbone of the Automotive Cybersecurity Partnership
At the core of the Automotive Cybersecurity Partnership is security by design across ECUs, infotainment, telematics, and cloud backends. This includes secure boot, identity and access management, secure OTA, and SBOM-driven maintenance aligned with ISO/SAE 21434 and the UNECE R155 cyber management framework.
The collaboration also anticipates 5G and V2X risks, an area where ongoing research highlights both opportunities and pitfalls, as seen in analysis of 5G security risks.
To support secure operations around the clock, the Automotive Cybersecurity Partnership points to well governed credentials and data protection. Teams can standardize secrets handling through 1Password for enterprise password management or Passpack for team credential sharing.
Privacy leaders can reduce data broker exposure with Optery for personal data removal. For resilience planning, IDrive cloud backup protects critical engineering assets, while supplier communications can be hardened with EasyDMARC for email authentication.
These choices fit well with zero-trust models discussed in zero-trust architecture guidance.
Compliance, Regulation, and Real-world Use
Regulators expect proof that cyber risk is managed across the vehicle lifecycle, and the Automotive Cybersecurity Partnership speaks directly to that need.
It connects engineering artifacts to controls that satisfy UNECE R155 and aligns assurance with NHTSA expectations on vulnerability reporting and incident response.
Real-world incidents show why this matters. A production halt such as the Jaguar cybersecurity stoppage or critical findings like the Subaru Starlink vulnerability illustrate how a strong governance program can shorten response time and reduce downstream risk.
The Automotive Cybersecurity Partnership aims to turn those lessons into repeatable controls that stay current as threats evolve.
Security Operations and Supplier Readiness
Most risks surface in the supply chain and in day-to-day operations, and the Automotive Cybersecurity Partnership emphasizes supplier onboarding, continuous monitoring, and workforce readiness.
Security teams can operationalize defense with curated training through CyberUpgrade, centralize plant network visibility using Auvik, and keep attack surfaces in check through Tenable’s exposure management.
Process leaders can reinforce ransomware resilience with the practical steps discussed in ransomware defense guidance, complemented by secure data rooms like Tresorit for design collaborations.
Implications for Automakers, Tier Ones, and Drivers
The Automotive Cybersecurity Partnership promises faster compliance, clearer engineering handoffs, and improved mean time to detect and respond. Automakers can consolidate vendor efforts, suppliers gain a consistent security baseline, and drivers benefit from safer, more reliable software updates.
This can reduce audit strain and help teams focus on safety features that matter to customers.
There are tradeoffs. The Automotive Cybersecurity Partnership approach demands disciplined processes, skilled staff, and closer supplier oversight. Short-term costs can rise as teams document SBOMs, run continuous testing, and maintain incident runbooks.
However, the long-term payoff is lower recall risk, smoother certifications, and a stronger security culture that improves delivery predictability.
Enterprises that tie these methods to performance metrics will see the clearest benefits. Linking findings to defect reduction, uptime, and warranty cost can keep security aligned with business outcomes.
Conclusion
The Automotive Cybersecurity Partnership between Sasken and VicOne reflects the industry’s shift from ad hoc controls to integrated, measurable security. It recognizes that modern vehicles are software-defined products that require continuous care.
By pairing deep embedded expertise with operational monitoring, the Automotive Cybersecurity Partnership gives automakers a path to meet regulations and improve resilience without stalling innovation.
For organizations planning their next platform, this Automotive Cybersecurity Partnership can serve as a blueprint for secure design and dependable operations.
FAQs
What problem does the partnership address?
- It tackles end-to-end vehicle security, from secure development to fleet monitoring and incident response.
How will this affect suppliers?
- Suppliers get clearer security requirements, repeatable processes, and tools that speed validation and audits.
Does this help with regulatory compliance?
- Yes, the program aligns with ISO/SAE 21434 and UNECE R155, and supports NHTSA expectations on reporting.
What supporting tools are recommended?
- Exposure management with Tenable, network monitoring via Auvik, credential security with 1Password or Passpack.
How does it improve incident response?
- It connects findings to runbooks, provides monitoring context, and reduces mean time to detect and recover.
Can smaller suppliers participate?
- Yes, the framework scales, with cloud backup via IDrive and email protection through EasyDMARC to ease adoption.
Where can I learn more?
- Review the full announcement and NHTSA’s public guidance on vehicle cybersecurity.
About Sasken
Sasken is a global engineering services company known for its work across semiconductors, devices, automotive, and industrial systems. The company brings decades of embedded expertise, AUTOSAR know-how, and testing depth to the Automotive Cybersecurity Partnership.
Its teams help OEMs and suppliers translate safety and performance requirements into firmware, middleware, and application stacks that scale. With a focus on measurable outcomes, Sasken supports compliance, product quality, and faster time to market.
Sasken’s culture emphasizes long-term customer value through repeatable processes, traceability, and tooling that keep complex programs on schedule and secure.
About VicOne
VicOne, a cybersecurity firm focused on the automotive sector, contributes vehicle threat intelligence, telemetry analysis, and vehicle security operations to the Automotive Cybersecurity Partnership. Its approach blends research with fleet-scale monitoring to catch emerging risks early.
The company’s solutions support secure OTA, vulnerability prioritization, and incident investigation across connected vehicles and backend systems. This helps OEMs turn signals into actions that lower risk while preserving driving experience.
VicOne builds on domain knowledge to integrate with existing toolchains, so engineering and operations teams can collaborate without friction.
Biography: Max Cheng
Max Cheng is a leader in automotive and enterprise cybersecurity and serves as the chief executive at VicOne. He has overseen the development of products that combine telemetry, analytics, and response, bringing rigor to connected-vehicle defense that aligns with regulatory frameworks.
With experience across research and product delivery, Cheng advocates for collaborative models that link engineering to security operations. This mindset is reflected in the Automotive Cybersecurity Partnership, which translates real-world intelligence into practical controls.
Cheng continues to champion security that is measurable and transparent, helping automakers build trust with drivers while accelerating innovation.
