Share these talks and lectures with your colleagues
Invite colleaguesPractice paper
How to secure development environments
Cyber Security: A Peer-Reviewed Journal,
8
(3),
232-242
(2025)
Abstract
In July 2024, Porsche announced the discontinuation of its petrol-powered Macan sports utility vehicle (SUV) sales in Europe due to cyber security compliance issues with UN Regulation No. 155. This regulation mandates robust cyber security measures to protect vehicles from cyber threats, highlighting the direct impact of cyber security regulations on the automotive industry. While this is a drastic instance of a cyber security regulation directly affecting the automotive industry, other regulations, such as the Network and Information Security Directive (NIS2), impose cyber security standards in more subtle yet comprehensive ways. The NIS2 is set to transform cyber security expectations across various industries, including automotive manufacturing. NIS2 extends beyond simple compliance, emphasising proactive cyber security measures that start long before cars are built. The upcoming implementation in the automotive industry aims to enhance cyber resilience and mitigate the financial and reputational damage caused by cyber incidents. This directive covers the entire life cycle of a vehicle, from the initial design and development of the car and its software to the production and maintenance stages. This paper proposes that urgent action is required to safeguard the industry’s digital infrastructure from increasing cyber security threats.
Keywords: cyber security; DevSecOps; automotive; zero trust
The full article is available to subscribers to the journal.
Author's Biography
Gerd Giese is a committed and well-networked industry strategist and thought leader with over 20 years’ experience in web and data centre security. He has been working on security, performance and scaling for his customers with great enthusiasm and a hands-on mentality at the globally active security specialist Zscaler, Inc. since 2003. In his current role as a Transformation Architect, he is active in strategy implementation in the industrial marketing and finance sectors and he represents at conferences, in the media and at industry events. In his internal and external activities, he enjoys applying his strengths to explain highly complex technical relationships in an understandable way to people in a wide variety of roles, from senior management to technical department managers and developers. In situations requiring special attention or even de-escalation, he provides support with empathy and persuasion. He has published numerous technical articles on current topics related to the Internet, performance and security, such as the stability of the Internet during the COVID-19 pandemic, credential stuffing in the financial sector and the worldwide battle against cyberattacks.
Frank Bartel is an experienced Business Consultant in the automotive sector, currently working at Fortinet in Munich. With over 20 years’ experience in IT sales, he supports his customers in translating business requirements and strategic goals into technical solutions. Since 2022, he has been in his current role, where he builds long-term relationships as a trusted technical and business adviser. His main responsibility is demonstrating the business value of Fortinet’s solutions, aligning them with the operational goals of his clients. Previously, Frank worked as an Enterprise Solution Lead and Enterprise Architect, supporting global clients in implementing Fortinet’s security-driven networking solutions. His focus was on integrating the company’s technologies into large enterprise architectures. Before joining Fortinet, Frank gained over 23 years’ experience at Cisco, where he served as a Systems Architect, designing complex IT architectures for the automotive sector and coordinating global teams. He also worked as a Customer Solutions Architect, supporting industries such as manufacturing, healthcare and energy. Frank holds a degree in electrical engineering from the Bochum University of Applied Sciences and has several industry certifications in cyber security and cloud technologies. With his extensive expertise, he is a key partner for companies seeking innovative and secure IT solutions.
