NHTSA Must Define Role, Responsibility if There's Vehicle Cyberattack, GAO Says
Federal transportation regulators need to define and document government's role and responsibilities to address cyberattacks on vehicles, especially as autonomous and connected-vehicle technologies are deployed, GAO said in a Monday report. It said the National Highway Traffic Safety Administration is…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
investing more in cybersecurity research and is soon expected to release industry guidance to help decide when vulnerabilities should be considered safety defects in justifying recalls. NHTSA also is examining the need for cybersecurity standards and regulations, but such guidance won't be available for another two years at least, GAO said. Until NHTSA develops a plan defining its role, "the agency's response efforts could be slowed as agency staff may not be able to quickly identify the appropriate actions to take," GAO said. The report also said several industry led-efforts are underway to help automakers and parts suppliers to mitigate cybersecurity vulnerabilities, increase threat and vulnerability information sharing among companies and deploy better technologies such as message encryption and authentication.