A Cyber Security Management System (CSMS) is soon going to become mandatory for all vehicles manufacturers and suppliers. In the automotive industry, we are currently seeing that Cyber Security is already a critical success factor. Starting with July 2024, the type approval of vehicles will only be possible if a certified CSMS is available and Cyber Security is ensured throughout the entire life cycle of the vehicle. UNECE WP.29, an upcoming UN regulation on Cyber Security and the ISO/SAE 21434 standard are expected to make this mandatory from mid 2024. But what is a Cyber Security Management System ? We have a bit of an idea from WP.29: The vehicle manufacturer shall demonstrate to an Approval Authority or Technical Service that their Cyber Security Management System applies to the following phases: – Development phase; – Production phase; – Post-production phase. There are some phases missing here, right? What about: Design Architecture Change Management Updates More details in the next post.