Finite State, a leader in product security and software supply chain risk management, announced that Chief Security Officer Sharon Hagi will present the keynote address “AI Closes the Window: Automotive Supply Chain Security in an Accelerated Threat Environment” at the Auto-ISAC (Information Sharing and Analysis Center) Europe Cybersecurity Workshop, 11:40 a.m.–12:10 p.m. Wednesday, June 24, 2026, at the Spazio Ferrari Maranello in Maranello, Italy.
Also Read: CIO Influence Interview with Hugo Dozois-Caouette, CTO and Co-founder at MaintainX
Modern cars are hackable in the same way any complex connected product is hackable. The most realistic risk is a chain of weaknesses across the vehicle, the mobile app, the cloud backend, or supplier-provided software.
The session will explore the evolving realities of securing software-defined vehicle ecosystems and scaling defensible product security workflows across modern automotive development environments.
With connected vehicle ecosystems becoming increasingly software-defined, automotive organizations face growing pressure to manage software complexity across ECUs and supply chains, reduce vulnerability noise, and continuously demonstrate security and compliance readiness across the product lifecycle.
Hagi’s keynote is designed to help European OEMs, suppliers, and mobility providers navigate evolving cybersecurity regulations, vulnerability disclosure expectations and issues, and the operational realities of securing modern vehicle platforms built on rapidly changing software.
Recognizing that fragmented tools and manual workflows cannot keep pace with the scale and complexity of firmware-heavy systems, supplier ecosystems, and continuous software delivery, the session will help equip automotive security and engineering teams to move at the speed of modern vehicle development.
Finite State CEO and Founder Matt Wyckhouse said, “Modern cars are hackable in the same way any complex connected product is hackable. The most realistic risk is a chain of weaknesses across the vehicle, the mobile app, the cloud backend, or supplier-provided software.
“The industry has made real progress with secure update mechanisms, stronger engineering practices, vulnerability disclosure programs, SBOMs, and automotive cybersecurity standards. But the hard part is proving, continuously, what is actually in the vehicle and whether it is exposed, recognizing that it’s impossible to secure what isn’t understood.”
Finite State Live Demonstrations
The Finite State team will run live demonstrations of artifact-backed workflows for connected vehicle security with:
- Unified product intelligence – analyzing and connecting firmware, binaries, source, and supplier inputs into a complete, continuously updated system of record grounded in what actually ships across ECUs and vehicle platforms
- Exploitability-based prioritization – focusing on real exposure using reachability and context, with a defensible rationale for what matters across in-vehicle systems and what does not
- New CVE to impacted vehicle platforms – enabling teams to move from vulnerability disclosure to impact analysis quickly, with consistent VEX decisions and traceable outputs across ECUs, builds, and variants
- Design-to-deployment traceability – connecting architecture, threats, risks, and requirements directly to deployed vehicle software, and keeping them aligned as systems evolve
- Continuous compliance outputs – automatically generating SBOM, VEX, traceability, and audit-ready reports that stay current across releases and support evolving automotive cybersecurity regulations
Catch more CIO Insights: What Does “Job-Ready” Really Mean in IT and Cybersecurity?
[To share your insights with us, please write to psen@itechseries.com ]
