For CFOs and Auditors, a new family of threats and controls is emerging: cybersecurity controls and audit reports for their companies’ connected products. In this webinar, we’ll show you the best practices available worldwide for TARA management and the specific challenges deriving from a highly dynamic cybersecurity risk environment. It will be useful for CFOs, Chief Compliance Officers, Chief Risk Officers, Heads of Audit, their departments, and Auditors.
In recent years, CFOs and Auditors have increased their audits and controls, mainly regarding “company-cybersecurity”. However, too much is misunderstood or overlooked regarding the liability of companies with the rise of connected smart products. Companies have to start creating professional controls for their “product-cybersecurity” risks and reflect this in audit reports, including those to shareholders.
If your company’s products are smart and connected, they can become an entry point for a cybersecurity attack, not only on the product itself but on the entire local network or ecosystem of suppliers, customers, other companies, networks, or households your company’s product is connected with.
As a best practice that many industries can implement, the automotive industry is already implementing a new standard for managing cyber “Threat Analysis and Risk Assessment” (TARA) (i.e. ISO/SAE 21434 in connection with UN R155). TARAs will ensure that OEMs and all participants in the supply chain have structured processes in place that support “Security by Design” for their products and services. This requires the implementation of a Cyber Security Management System (CSMS), which is mandatory by 2022 to secure type approval.
Regulatory requirements are expanding and litigation exposure is growing, while at the same time there are few enforced security standards or codes of practice that would satisfy current or future risk and audit controls. Due to the growing importance of cybersecurity, leading companies mitigate these risks and implement best practices.
Perhaps new norms will come too late if your products and services are connected and become the source of damage and litigation? As a CFO, CTO, or CRO (Chief Risk Officer), do not wait for a cyberattack against your products and services out in the field to occur, resulting in a financial or measurable reputational loss. Be proactive and prepare yourself!
Franz-Josef Schuermann joined itemis AG in 2021 as a member of the board.
Before joining itemis AG, he was a group board member at The Adecco Group (CEO-DACH and Group CSIO – Chief Sales & Innovation Officer). Before that, he served as the Executive Chairman of Infosys Germany. As Global Partner at Accenture, he supported Fortune 100 and DAX 30 companies in their largest transformation initiatives. Throughout his career, he has been involved in more than ten innovative technology-based start-ups.
Franz-Josef Schuermann has over 20 years of experience in the technology space and as a CEO and board member. He has been a frequent speaker at globally leading universities and events.
Dirk Leopold is the Head of Advanced Engineering and a senior expert in automotive cybersecurity at itemis AG.
For the past 5 years at itemis, he has been focussing on automotive cybersecurity risk management including related regulations, norms, services, and products. Holding a degree in industrial engineering from the Technical University of Darmstadt, he has 25 years of professional experience in various industries and roles at the national and international levels.
Webinar recording from January 25th including the presentation.