November 28, 2022

Volume XII, Number 332

Advertisement

November 28, 2022

Subscribe to Latest Legal News and Analysis

NHTSA Publishes Final Cybersecurity Best Practices

On September 9, 2022, the National Highway Traffic Safety Administration (NHTSA) announced its publication of final Cybersecurity Best Practices for the Safety of Modern Vehicles (the “2022 Best Practices”). The 2022 Best Practices reflect the agency’s final, non-binding vehicle cybersecurity guidance following its release of draft guidance in January 2021. The 2022 Best Practices also is an update to NHTSA’s first cybersecurity best practices document, which was issued in 2016

The 2022 Best Practices describe steps manufacturers can take to improve vehicle cybersecurity in light of emerging risks, taking into account both technological developments as well as other voluntary industry information security standards. These include:

  • creating a system of governance for identifying and preventing cybersecurity risks, including creating processes and procedures to report and eradicate security incidents;

  • implementing risk assessments in the design, manufacturing, and selling of vehicles;

  • proactively auditing processes and procedures to ensure effectiveness;

  • limiting access to vehicle computing resources and design diagnostics to identify and eliminate potential unauthorized access; and

  • promoting collaboration between the industry and staying updated on new innovations and trends/standards in the market, such as the National Institute for Standards and Technology (“NIST”) cybersecurity standards.

The 2022 Best Practices remind vehicle manufacturers to make vehicle cybersecurity a priority as vehicles become more technologically advanced, and to stay informed regarding the best practices to prevent unreasonable, foreseeable cybersecurity risks.

Copyright © 2022, Hunton Andrews Kurth LLP. All Rights Reserved.National Law Review, Volume XII, Number 269
Advertisement
Advertisement
Advertisement

About this Author

In today’s digital economy, companies face unprecedented challenges in managing privacy and cybersecurity risks associated with the collection, use and disclosure of personal information about their customers and employees. The complex framework of global legal requirements impacting the collection, use and disclosure of personal information makes it imperative that modern businesses have a sophisticated understanding of the issues if they want to effectively compete in today’s economy.

Hunton Andrews Kurth LLP’s privacy and cybersecurity practice helps companies manage data and...

212 309 1223 direct
Advertisement
Advertisement
Advertisement