Risk Term

ISO/SAE 21434 Amendment

A revision to the international automotive cybersecurity standard, enhancing supply chain security, SBOM, and vulnerability disclosure.

Curated by Winners Consulting Services Co., Ltd.

Questions & Answers

What is the ISO/SAE 21434 Amendment?

The 2024 amendment to the ISO/SAE 21434 standard enhances automotive cybersecurity by focusing on supply chain risks. It mandates including supply chain considerations in Threat Analysis and Risk Assessment (TARA), requires managing a Software Bill of Materials (SBOM) for transparency, and formalizes policies for Coordinated Vulnerability Disclosure (CVD) to improve industry-wide response capabilities.

How is the ISO/SAE 21434 Amendment applied in ERM?

In Enterprise Risk Management, this amendment integrates cybersecurity into procurement by assessing supplier security. By managing SBOMs, companies can proactively mitigate vulnerabilities in third-party software, reducing product liability risks. A formal vulnerability disclosure policy helps manage security incidents effectively, protecting brand reputation and ensuring regulatory compliance.

What challenges do Taiwan enterprises face in implementing the ISO/SAE 21434 Amendment?

Taiwanese automotive suppliers often face limited resources, a shortage of cybersecurity talent, and unfamiliarity with SBOM management. Solutions include engaging expert consultants to streamline compliance, adopting automated tools for efficient SBOM generation and vulnerability tracking, and establishing cross-functional teams to meet global OEM requirements.

Why choose Winners Consulting for the ISO/SAE 21434 Amendment?

Winners Consulting specializes in the ISO/SAE 21434 Amendment for Taiwan enterprises, helping build compliant systems within 90 days.
