Automotive Regulations Webinar Recap: "Enough with the Checklist Mentality" | C2A Security

Experts from C2A Security and ThunderSoft discuss the complex and evolving global regulatory environment for automotive cybersecurity on our recent webinar. The US for example, has established a comprehensive set of guidelines, including the ISO/SAE 21434, ISO/SAE 26262, and SAE J-3061. Meanwhile, the EU has introduced stricter regulations like UN WP.29 R155 and R156, the General Data Protection Regulation (GDPR), and the Cybersecurity Act, shaping cybersecurity standards and fostering cross-border cooperation.

Leading experts recently came together to discuss the emerging regulatory environment for automotive cybersecurity. In a webinar hosted by C2A Security and ThunderSoft, moderator Dvir Reznik, VP of Marketing at C2A Security, was joined by speakers David Mor Ofek and Zhe Ouyang.

David Mor Ofek is the Head of Product at C2A Security. He has extensive software engineering expertise from roles at HARMAN and Cisco. Zhe Ouyang is Director of the Advanced Product Planning Department at ThunderSoft, currently leading cybersecurity and cloud-native products.

Moderator Dvir Reznik opened by noting C2A Security’s recent recognition from the European Startup Prize for Mobility. Speaker David Mor Ofek then discussed how vehicles now require sophisticated software security like any other connected system. However, there is a talent gap in the automotive security field. David emphasized that robust cybersecurity is no longer voluntary – regulations globally now demand it. When done properly, cybersecurity efforts can actually accelerate time-to-market since secure products face fewer roadblocks.

A core challenge David identified is moving from a checklist mentality to an integrated risk management approach. Various cybersecurity activities like TARA, SBOM management, and vulnerability monitoring must come together to provide a unified view of risk. Automation is key to managing this complexity efficiently. David also noted that China’s auto cybersecurity regulations mirror Europe’s in many ways, focusing on network and application security along with extensive security testing.

Speaker Zhe Ouyang provided an overview of China’s cybersecurity regulations for intelligent and connected vehicles (ICVs). China initially took an “innovate now, regulate later” stance, but has grown concerned about ICVs posing national security risks. Zhe walked through China’s layered regulatory model spanning laws, standards, licensing, and inspections.

If you’re interested in watching the replay of this insightful webinar, click here to access the link. Hear directly from these experts on the future of automotive cybersecurity regulations worldwide.

Take Your Next Steps With C2A Security

C2A Security provides the only mobility-centric DevSecOps platform. Our advanced approach to automotive cybersecurity empowers companies to deliver secure products and create new software-based revenue streams while staying compliant and adhering to regulations and standards. Schedule a meeting to see how we can help your team.

Careers Form

Office Administrator

Automotive Regulations Webinar Recap: “Enough with the Checklist Mentality”

More articles that might interest you:

30 EV Ecosystem Statistics You Should Know About in 2025

C2A Security Joins Forces with Automotive Security Research Group (ASRG) as a Key Sponsor

Deloitte and C2A Security Partner to Drive Innovation in Product Security and Risk Management

Follow Us