Due to the track record of cyberattacks on the automotive industry in recent years, the Japanese automotive industry is making serious efforts to improve cybersecurity. To that end, the Japan Automobile Manufacturers Association (JAMA) and the Japan Auto Parts Industries Association (JAPIA) both formed cybersecurity working groups. These two collaborated in 2019 to develop the JAMA/JAPIA Cybersecurity Guidelines, and on March 31, 2022, a second version was released.
This publication will walk you through the latest JAMA/JAPIA guidelines (revised V2.0 on March 31, 2022), combining various existing cybersecurity standards and other benchmarks. By using these guidelines, organizations and individuals who are unsure where to start with security measures can take that initial step with confidence. Moreover, the guidelines define three levels, from the minimum implementation items to the ultimate goals to be achieved, with Level 1 being the minimum implementation items. The purpose of this is to demonstrate the minimum necessary countermeasures that must be used regardless of company size. These levels are defined as:
- Level 1: All companies (including small businesses) must implement 50 Security Control Items.
- Level 2: Companies that a) handle exertional confidential information; b) possess significant internal technology or information; or c) are of reasonable size or a reasonably large market share must implement 74 Security Control items in addition to the 50 items from Level 1.
- Level 3: Companies that are representative of or intricately tied to the automotive industry must implement 29 Security Control Items in addition to the 74, and 50 Security Control Items delineated in Levels 1 and 2.
This also provides a brief breakdown of the 24 major areas, or domains, that the framework divides best practices into, and goes into further detail about the focus of the guidelines as well as how TXOne’s solutions go hand-in-hand with these security control items.
Read here to illuminate how an organization can abide by these best practices guidelines moving forward.