The exponential growth of connected and autonomous vehicles has significantly escalated cybersecurity threats, compelling automotive Original Equipment Manufacturers (OEMs) to adopt robust and structured Cybersecurity Incident Response (CSIR) capabilities. Current automotive cybersecurity regulations, such as AIS 189 in India and UNECE WP.29 globally, mandate precise frameworks for proactive threat detection, timely response, and comprehensive incident documentation. This research presents an innovative, comprehensive CSIR framework specifically tailored to integrate seamlessly into OEM cybersecurity management processes. Leveraging a combination of real-time monitoring systems, structured threat categorization methodologies, and integrated escalation and communication protocols, the proposed CSIR framework ensures efficient incident handling aligned with stringent regulatory compliance.
The framework encompasses advanced methodologies including Vehicle Security Operations Center (VSOC) integration for continuous monitoring, standardized incident classification based on severity and potential impact, and well-defined communication channels with national Computer Emergency Response Teams (CERTs) and regulatory authorities. By integrating this framework, OEMs can significantly elevate their cybersecurity resilience, strengthen stakeholder confidence, and effectively meet evolving global cybersecurity regulatory demands.
Keywords: Automotive Cybersecurity, Incident Response, VSOC, OEM Integration, Regulatory Compliance, AIS 189, UNECE WP.29, Threat Management.