Anna Prudnikova
Anna Prudnikova is a Team Manager in the domain of security standardization and certification with over ten years of working experience in the field of cyber security. Her expertise in cyber security varies from experience in audit and assurance to technical expertise in testing. Within Secura, Anna is responsible for services related to cyber security of products with a special focus on OT products, automotive and maritime security.
Session
In the current realities, automotive cybersecurity is mostly driven by compliance need, however, we are used to view compliance as some form of just ticking a box without considering the real implication of cyber security. But is it really everything that compliance stands for? Automotive cybersecurity is a good example that shows how vehicle manufacturers are required to take cyber security into account not only in the cars themselves but also integrate into all existing manufacturing processes. Regulators require from automotive industry to develop appropriate cyber security management system, perform threat and risk assessment, take control over their suppliers and of course perform penetration testing. In this talk we are going to focus on the study case of performing threat and risk assessment of the door system of a bus that seemed like a trivial task without any obvious cyber security threats. In reality we have identified around 50 potential cyber security threats some of them having direct impact on safety of the passengers. Those risks would have been missed and not addressed without the regulators requirements.