Cybersecurity

Cyber Security - 3rd Party Information Security

Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019. The World Economic Forum (WEF) says a significant portion of cybercrime goes undetected, particularly industrial espionage where access to confidential documents and data is difficult to detect.

That’s why GM, Ford, FCA and Honda came together at AIAG to develop a unified set of information security expectations, the Cyber Security 3rd Party Information Security publication – cybersecurity guidelines for automotive trading partners.

Based on NIST 800:53, NIST 800:171, and ISO 27002, this newly developed document outlines minimum guidelines for the secure exchange of information for supplier partners who collect, process, manage, access or store OEM data outside of the OEM’s computing environment.

NIST (The National Institute of Standards and Technology) is a non-regulatory federal agency under the Department of Commerce. NIST 800:53 and NIST 800:171 are offered free and are a great place to start your journey to implementing cyber security best practices. ISO 27002 is the international standard developed to help you implement security information management guidelines.

Get on track with securing your company data and complying with OEM information security expectations; get the Cyber Security 3rd Party Information Security publication and free NIST resources today.

Publications - Order Today

This product contains a common set of minimal security guidelines, General Computing Controls, that apply to all 3rd Parties who create, collect, store, transmit, manage, process an OEM's data and information in an environment external to the OEM's.


ISO/IEC 27002:2013 gives guidelines for organizational information security standards and information security management practices including the selection, implementation and management of controls taking into consideration the organization's information security risk environment(s).

Upcoming Supply Chain Events