In the organizations, where information is the critical asset, it is required to define some rules and regulations to protect the information assets from unauthorized access. The policy makers of such organization should define cybersecurity objectives and establish regulatory framework. The policy makers should properly analyze the organizational environment and operations and then define the objectives as it is the backbone of the bill. It is the responsibility of policy makers to take into account the threats, vulnerabilities and risks related to ICT infrastructure and to make policies accordingly. The policies should be strong enough that while adopting them, the risks and threats would be minimized. The policies reflect the organization’s overall approach towards the business operations and related risks.
Limitation to vehicle cybersecurity :
Although there is no such malicious cyber attack on autonomous vehicle till now. But the real danger was seen when two hackers try to access the jeep and intend to remotely control it. they succeeded and interrupts its transmission on the halfway. It was done for research purposes. However this shows that autonomous vehicle are vulnerable and hence they need to adopt strategies and mitigate such risks.
On of the major limitation in cybersecurity is because of the numerous electrical components present in the car which is connected through internal network. if the hackers succeeded in accessing the Bluetooth or infotainment system of the car then they will be definitely be succeeded in gaining the control of the critical components such as brakes or engine.
Autos today have up to 100 ECUs and in excess of 100 million lines of code — an enormous assault surface. Additionally confusing issues, car producers source ECUs from a wide range of providers, implying that nobody player is responsible for, or even acquainted with, the greater part of a vehicle’s source code.
The risk of car cyberattacks will just increasingly pose a threat as society advances to independent vehicles. In any case, even before self-governing vehicles end up boundless, auto hacking is as of now an undeniable threat: In 2014, the greater part of the vehicles sold in the United States were associated, implying that they are powerless against cyberattacks.
Steps to improve cybersecurity in autonomous cars:
A standout amongst other approaches to shield associated autos from this developing risk is by building security into the outline of the vehicles. This implies, for instance, guaranteeing that there are no contentions, blunders or misconfigurations in singular segments. Completely amassed autos ought to be tried all the more thoroughly to guarantee the last item lives up against security hacks, utilizing strategies, for example, penetration testing, whereby frameworks are deliberately assaulted to uncover flaws. This thusly would mean better instruments and measures that would drive everybody in the business to factor in security appropriate from the begin.
The following enormous test is probably going to outline vehicles that match security with wellbeing. As self-driving innovation develops to utilize more computerized reasoning and profound learning systems, we will depend on yet more programming to control our autos and settle on choices on security grounds like human drivers would. This will make it much more essential that the autos are secure so they additionally ensure drivers’ wellbeing.
FISMA:
FISMA defines policies related to IoT. But its policies are not enough for the “Internet of things” (IoT). As FISMA directs NIST to establish guidelines and standards to maintain security of IT related infrastructure. FISMA defines steps that will move the organization towards NIST compliance. NIST has well structured policies related to IoT which includes the policies related to cybersecurity of autonomous vehicle. By following those policies organizations can ensure security in their IoT’s.
