• Thales has been successfully certified against the automotive standard 'ISO/SAE 21434' following an independent audit, demonstrating the highest level of cybersecurity expertise in the field.
• Obtaining this critical certificate required by 68 countries, establishes Thales as a trusted cybersecurity provider for the automotive market.
• Car industry players must conform to stringent regulations, and Thales' overall cybersecurity expertise helps them in monitoring and preventing cyber threats; such as hacking, data theft and software alteration.
There is a clear growing demand for increased cybersecurity in the automotive industry. The United Nations Economic Commission for Europe (UNECE) responded by issuing a new regulation (UN Regulation No. 155) for vehicle Cyber Security Management System. This covers risk and security assessment, threat detection, and vulnerability monitoring over the entire vehicle lifecycle. In consequence, the automotive industry is implementing a mandated cybersecurity standard (ISO/SAE 21434) that applies not only to car manufacturers, but also to all vehicle cybersecurity suppliers such as Thales. Being compliant in this highly regulated environment reinforces Thales' leadership in automotive cybersecurity.
The ISO certification ensures Thales offers solutions with the highest level of security for car makers, integrators, and by extension users, and this starting from the vehicle development. It outlines the many procedures that should be followed to secure road vehicle cybersecurity. As a result, this certification demonstrates that the complete process of developing Thales cyber solutions has been evaluated and certified. Identifying the vehicle's cybersecurity needs, designing and implementing cybersecurity measures, and continuously monitoring and updating the cybersecurity system are all part of the proven expertise.
By default, Thales 'security-by-design' approach is applied to all of its onboard solutions and services designed, built, and implemented in cars. This comprises embedded secure elements, credentials management and storage, authentication systems, firmware update and much more. It establishes strict vulnerability monitoring and risk assessment for a secure future-proof maintenance.
Furthermore, this certification reinforces the trust that Thales provides in the data management throughout the connected vehicle's lifecycle. This is crucial because car makers must provide remote application and embedded device upgrading, patching, and improvement in connected vehicles. This data protection capability protects vehicles from cyberattacks while also increasing customer trust in the +300 million connected cars expected by 20271.
"Automotive connectivity and digitization provide end-customers with numerous service opportunities. However, in order to benefit from these services, drivers and passengers must trust the safety, security and privacy of their vehicle," said Christine Caviglioli, VP Automotive at Thales. “We consider the impact of ISO certification as highly positive for the market. Obtaining this certification makes us feel even more proud in a climate where cyber has become vital and indisputable. At Thales, we are all set to continue supporting our customers in the face of this new security challenge by providing certified ‘ready to use’ solutions.”
Thales (thalesgroup.com) is a global leader in advanced technologies within three domains: Defence & Security, Aeronautics & Space, and Digital Identity & Security. It develops products and solutions that help make the world safer, greener and more inclusive.
The Group invests close to €4 billion a year in Research & Development, particularly in key areas such as quantum technologies, Edge computing, 6G and cybersecurity.
Thales has 77,000 employees in 68 countries. In 2022, the Group generated sales of €17.6 billion.