Last week’s news that security researchers Charlie Miller and Chris Valasek could remotely hack a Jeep Cherokee via a vulnerability in its Uconnect on-board computer was met with a hastily released security patch from Fiat Chrysler and the introduction by senators Ed Markey and Richard Blumenthal of a bill to establish minimum security standards for vehicles.
Now, the automotive giant is recalling 1.4 million potentially affected vehicles, prompting Miller to comment on Twitter, “I wonder what is cheaper, designing secure cars or doing recalls?” (The hint of schadenfreude from Miller is understandable – Chrysler’s timeline doesn’t mention his and Valasek’s research.)
The timing of the recall couldn’t be worse for Fiat Chrysler – this week, the National Highway Traffic Safety Administration fined the company $105 million for recall lapses affecting nearly 11 million vehicles, according to the Wall Street Journal.
There’s a lesson that all companies can learn from this: Implementing good security is always cheaper in the long run.
Organizations that want to implement robust cybersecurity measures should look to ISO 27001, the international standard for information security management.
ISO 27001 presents a comprehensive and logical approach to developing, implementing, and managing an information security management system (ISMS), and provides associated guidance for conducting risk assessments and applying the necessary risk treatments.
The additional external validation that accredited registration to ISO 27001 provides will improve an organization’s cybersecurity posture while giving customers and stakeholders a higher level of confidence, which is essential for securing certain global and government contracts.
IT Governance has created four ISO 27001 implementation solutions to give US organizations online access to world-class expertise. Each fixed-price solution is a combination of products and services that will enable you to implement ISO 27001 at a speed and budget appropriate to your individual needs.