The first proven use case is the automation of CSMS for mobility companies

Jerusalem, Israel, July 24, 2024: C2A Security, the risk-driven product security company for software-defined products, announced today the addition of its Workflow Automation Module, natively built into the company’s award-winning DevSecOps Platform, EVSec. This addition offers a highly customizable and automated workflow management system designed to streamline compliance processes and elevate operational efficiency between teams, suppliers, and complex toolchains.

The new Workflow Automation module addresses the growing demand for robust and efficient cybersecurity management by integrating advanced automation capabilities into the compliance workflow from the need to collect evidence for proper security procedures, align between teams in the organization and suppliers, and interact with multiple cybersecurity tools to utilize crucial security data as part of the workflow management process.

A CSMS Dashboard created with the new Workflow Automation Module

Working with the Workflow Automation module is exciting! It holds a lot of promise and is exactly what we need to save time and effort with our CSMS”, commented a Product Security Manager at a global car maker, one of the customers that purchased the new Module.

The new Workflow Automation module offers customized and automated workflow management for compliance, such as the Cybersecurity Management System (CSMS). Car makers and Tier 1 suppliers must deploy a CSMS into their product development process, to comply with UN Regulation No.155, across their entire fleet and throughout the vehicle lifecycle – from design and development to testing, production, and post-production. Non-compliance can result in fines of up to $30k per vehicle and revoking the company’s Type Approval (its ability to sell cars and/or components).

The new Workflow Automation module adds to EVSec’s capabilities of simplifying and optimizing the tasks associated with adhering to the complex regulatory landscape, navigating between regional standards and regulations, as ISO 15118 of EV to Grid, NIST 1.1 Framework for Critical Infrastructure Cybersecurity, Chinese GB Vehicle Cybersecurity Standards, India’s AIS 189, ISO/SAE 21434, the EU Cyber Resilience Act (CRA), NIST 8473, the UK’s Critical National Infrastructure, ISO/TS 15066, and others. The CSMS Automation workflow enhances efficiency by replacing manual tasks with automated functions, allows the collection of evidence for the regulators, and interacts with teams, suppliers, and the customer toolchain for full visibility and automation of management of the needed cybersecurity collaterals and processes, thereby minimizing human errors and optimizing process execution.

**

Key Features and Benefits:

Customized Workflow Management: The Workflow Automation module allows users to design and implement workflows that align with their specific operational requirements, and pull data from EVSec, and external systems in the customer DevOps toolchain.

Automated Regulatory Compliance: The Workflow Automation module is designed to help customers stay compliant with out-of-the-box workflows for different regulatory needs, including ISO/SAE 21434, NIST 8473, and other relevant cybersecurity frameworks.

Enhanced Efficiency: By automating repetitive tasks, the module significantly reduces the burden of manual work. This not only accelerates the process execution and monitoring but also frees up valuable resources.

Optimized Process Execution: The module leverages advanced automation to optimize every phase of the regulatory process, from risk assessment and testing to monitoring and reporting. This holistic approach ensures a streamlined and efficient workflow.

**

“We are excited to introduce the Workflow Automation module as part of our vision to transform security from a limitation to a business value multiplier for our customers,” said David Mor-Ofek, Head of Product, C2A Security. “This new module empowers companies that create complex, highly regulated products and manage their cybersecurity processes more effectively, reduce operational risks, and ensure regulatory compliance with greater ease.”

EVSec, C2A Security’s industry-pioneering DevSecOps Platform, enables cross-functional sharing and collaboration between teams, customers, and supply chains while offering full digital twin capabilities of the product. EVSec applies a risk-driven approach to product security, drawing contextual intelligence from the Model for fast and accurate management of vulnerabilities, security, and operations by design and an overall efficiency boost to the customer’s development and operations of software-defined products. Recently, it was announced that Daimler Truck AG selected C2A Security as its product security platform on a multi-year enterprise agreement.