Elastic announces TISAX certification, enhancing security in connected vehicles


Today, connected vehicles are proliferating, smart cities are translating from vision to reality, and cloud-based connectivity services are increasing. Advanced connectivity solutions like 5G, cloud-based services and automations, and personalization are redefining in-vehicle experiences. In addition, the growth of an intelligent Edge, smart infrastructure, and the Internet of Things are pushing the boundaries of the connected car.

Automakers worldwide have slowly but steadily come to terms with what is commonly known as the “software-defined vehicle.” It will not be an exaggeration to say that the car of the future will be primarily software-driven, and the digital chassis will control every element within the car from autonomy to driver assistance to cockpit and telematics.

“Security by design” can no longer be an afterthought with such paramount data and connectivity. Regulated cybersecurity requirements aim to ensure that automakers can deliver a secured connected car experience to their buyers. The multitiered auto ecosystem also relies on a unified approach to solving these cybersecurity challenges. The German Association of the Automotive Industry (VDA) in collaboration with the European Network Exchange (ENX) created the Trusted Information Security Assessment Exchange (TISAX). TISAX enables a confident ecosystem of suppliers, vendors, contractors, solution providers, OEMs, automakers, and everyone else to trust the level of security built in and claimed by each player. We are excited that Elastic is now TISAX certified as a trusted partner with the “High” level of protection in Information Security and Data privacy domains. With all the major cloud players such as Google Cloud, Microsoft Azure, and Amazon Web Services (AWS) being already TISAX certified, Elastic Cloud customers have the flexibility to choose the underlying cloud service provider and geographical region on a per-deployment basis.

enter image description here At Elastic, security is woven into our platform.

With TISAX added to our certifications, Elastic has taken a deliberate step to build trust and collaboration in the auto industry. Elastic is also ISO/IEC 27001 compliant, along with a host of other key information security standards and regulations.

Cybersecurity remains a top priority for automakers and suppliers

A 2021 Automotive Cybersecurity report stated that since 2016, there has been a whopping 605% increase in cybersecurity incidents and over 50% of those cases taken together involve losing car-controls and data/privacy breaches.

enter image description here

The advent of wireless technologies like Cellular Vehicle-to-Everything (C-V2X) has added a new dimension, largely expanding the frontier of cyberattack for malicious hackers. This trend will only increase as cars start communicating with each other, smart infrastructure at the Edge, handheld devices, and the network at large.

There is another facet to the cybersecurity challenge — the growth of cloud-based services. Automakers are relying on secured cloud services for a growing number of use cases ranging from seamless over-the-air feature updates in cars to predictive maintenance to secure communications to personalized in-vehicle experiences.

It becomes pretty clear that the connected car landscape involves massive amounts of data and protecting that data for consumers is crucial for automakers and OEMs, alike. In a complex ecosystem like that of automotive, consisting of car manufacturers, OEMs, Tier 1 and 2 suppliers, cloud players, and a significant number of cybersecurity solution providers, the role of compliance and regulatory bodies becomes very critical.

Where the rubber meets the road…

Security is built right into Elastic’s DNA. Whether it’s security vulnerabilities, data privacy concerns, risks with supply chain data, malicious attacks, endpoint security, or any strain of cyber threat, Elastic is strategically positioned to meet the challenges of the automotive industry. A strong relationship with all the leading cloud providers ensures Elastic can easily support cloud-based services in more than 50 regions worldwide.

Elastic has proven capabilities in securing massive volumes of customer data. With holistic and unified protection combining SIEM and endpoint security, Elastic helps connected cars evolve into the proverbial “data centers on wheels.” A typical car today would contain 100 million lines of software code; this will increase exponentially as autonomous vehicles become mainstream. Elastic Observability provides unified visibility into such complex systems removing ambiguity and data silos. Elastic Security then leverages the same Observability data for security against cyber threats and malicious attacks. By removing data redundancy, the Elastic stack takes on security challenges head-on.

Road safety is a non-negotiable requirement of the auto industry. Compliance will be a key factor in implementing these high security standards and regulations. Elastic operates in full compliance with industry processes and regulations. Getting TISAX certified was one step taken towards building confidence amongst the German auto industry players regarding the maturity of processes and solutions at Elastic. We remain focused on delivering customers uncompromised data privacy and information security. So you can sit back, relax, and enjoy the ride.

Drive down the TISAX path

Auto industry partners can choose regions that are TISAX labeled and spin up their fully compliant Elastic Cloud deployments.

Visit the cloud service provider pages for AWS, Google Cloud and Microsoft Azure to learn more about data centers and regions assessed by TISAX.

Log in to the Elastic Cloud Console or visit the preferred cloud marketplace to provision a deployment in a TISAX labeled region.