Consumer Electronics Daily was a Warren News publication.

NHTSA Must Define Role, Responsibility if There's Vehicle Cyberattack, GAO Says

Federal transportation regulators need to define and document government's role and responsibilities to address cyberattacks on vehicles, especially as autonomous and connected-vehicle technologies are deployed, GAO said in a Monday report. It said the National Highway Traffic Safety Administration is investing more in cybersecurity research and is soon expected to release industry guidance to help decide when vulnerabilities should be considered safety defects in justifying recalls. NHTSA also is examining the need for cybersecurity standards and regulations, but such guidance won't be available for another two years at least, GAO said. Until NHTSA develops a plan defining its role, "the agency's response efforts could be slowed as agency staff may not be able to quickly identify the appropriate actions to take," GAO said. The report also said several industry led-efforts are underway to help automakers and parts suppliers to mitigate cybersecurity vulnerabilities, increase threat and vulnerability information sharing among companies and deploy better technologies such as message encryption and authentication.