This is the 2nd post about Automotive Cybersecurity.
Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting offer for automotive I thought maybe I check what ChatGPT things about them.
First post was about CSMS and ISO 21434 and this one is about TISAX.
Tell me about challenges in TISAX certification
“TISAX (Trusted Information Security Assessment Exchange) is a security assessment and certification process for automotive suppliers. The certification is used to evaluate and ensure the information security capabilities of companies in the automotive sector.
There are several challenges associated with TISAX certification:
- Complex requirements: TISAX has extensive and complex security requirements that can be difficult to understand and implement. Companies may struggle to meet these requirements and may need help from experts to achieve certification.
- Resource constraints: Implementing the security measures required for TISAX certification can be resource-intensive and time-consuming. This can be especially challenging for small or medium-sized businesses.
- Technical difficulties: Companies may face technical challenges in implementing the necessary security controls, particularly if their existing systems are not well-suited to the TISAX requirements.
- Cost: The cost of TISAX certification can be significant, and this may be a challenge for companies with limited budgets.
- Maintenance: TISAX certification must be maintained, and companies must continually evaluate and improve their security controls to stay certified. This can be a challenge, as the threat landscape is constantly evolving and new risks emerge.
Overall, TISAX certification requires a substantial investment of time, resources, and expertise, but it is considered an important aspect of information security for companies operating in the automotive sector.”
So, I have to say that this impressed me a bit …
I have always difficulties explaining to my customers why is it so hard to pass the TISAX audit.
It is all true, and actually it is quite a challenge to get companies to commit to a long term cooperation with a consulting company, which can help them understand the requirements and teach them how to apply them.
I will get back to ChatGPT from time to time and try to get such short descriptions for various things I need.
© Copyright 2023 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity
Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.
Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch