With challenging cybersecurity requirements on the horizon for automotive companies in 2022, security teams can look to BSIMM12 for guidance. For security teams in the automotive industry, 2021 was an extremely busy year. Cybersecurity became a requirement for market access and compliance, so the entire industry faced a challenging timetable. The security groups in automotive companies are experiencing “forced growth” brought about by rigorous cybersecurity compliance requirements.

For a variety of reasons, some more obvious than others, it’s unreasonable to expect federal and local governments to develop the software that supports their day-to-day operations. So they turn to solutions provided by private companies. This is really a win-win situation; the government gets access to best-of-breed solutions developed by experienced companies, and the vendor secures funds that help spur innovation that’s available to the public and private sector alike.

I love the boundless possibilities of modern software development. Anyone with a computer and an internet connection can code. More than any other time in human history, each of us has the power to build something in software, to realize whatever we can imagine. At the same time, a thriving ecosystem of open source software components allows us to stand upon the shoulders of giants, to quickly assemble huge building blocks of existing functionality that can rocket us toward our own goals.

As the pace and complexity of software development increases, organizations are looking for ways to improve the performance and effectiveness of their application security testing, including “shifting left” by integrating security testing directly into developer tools and workflows. This makes a lot of sense. Defects, including security defects, can often be addressed faster and more cost-effectively if they are caught early.