Škoda operates a growing ecosystem of connected vehicles, digital services, and supporting infrastructure. As this digital footprint expands, so does the complexity of managing cybersecurity risks across products, services, partners, and internal systems.

Recognising the need for a unified and proactive approach, Škoda initiated a project to centralize how cyber-related findings, signals, and risk information are collected, processed, and operationalised. The goal was to empower various Škoda teams to proactively identify potential risks, collaborate efficiently on mitigation activities, and support compliance.

  • IndustryAutomotive
  • About Škoda Škoda Auto, headquartered in Mladá Boleslav, Czech Republic, is one of the oldest and most established car manufacturers in the world. As part of the Volkswagen Group, Škoda combines deep automotive heritage with modern engineering and digital innovation, delivering vehicles and mobility solutions across global markets.

THE CHALLENGE:

As connected vehicle adoption accelerates, the cyber threat landscape grows increasingly complex. Risks extend across cloud environments, internal IT systems, consumer-facing applications, connected products such as charging infrastructure, and the wider supply chain. In this ecosystem, it is critically important for the Škoda teams to be able to build a timely and consistent picture of potential issues.

At the same time, regulatory frameworks such as UNECE WP.29 R155 and ISO/SAE 21434 require OEMs to maintain structured processes for monitoring, assessing, and documenting cyber-related threats. Meeting these expectations demanded a more coordinated and streamlined approach.

Škoda set out to address several operational needs:

  1. Consolidate risk-related information into a single environment, ensuring teams work from a unified and consistent view.
  2. Gain earlier, more automated visibility into emerging risks and ecosystem changes, reducing reliance on manual monitoring and ad-hoc escalation paths.
  3. Support smoother collaboration across internal stakeholders and, when relevant, selected external partners, improving the clarity and flow of information.
  4. Reduce manual effort associated with compliance tasks, including evidence collection and internal reporting.
  5. Enable a small central team to coordinate cybersecurity activities efficiently, without adding administrative burden across departments.

THE SOLUTION:

Škoda selected Upstream as a cybersecurity partner to support its long-term resilience and proactive centralized approach to managing cyber-related activities across its connected vehicle and digital ecosystem.

With Upstream’s partnership, Škoda teams can gain visibility, review information, and collaborate on cyber-related findings within a unified environment. Dozens of cybersecurity and engineering professionals regularly access the platform to review findings, request clarification, and accelerate routine processes. The platform also provides earlier visibility into potential risks across Škoda’s products, cloud services, and supporting systems. Structured analysis and collaboration features allow teams to ask questions, share context, and document decisions directly within the platform, reducing reliance on manual communication channels and improving the speed and quality of internal responses.

In addition, Škoda uses the platform to support activities associated with regulatory frameworks such as R155. By consolidating evidence, actions, and related information into an organised workspace, the platform simplifies preparation for compliance reviews and reduces administrative overhead.

“Our partnership with Upstream supports our activities required under R155 and helps us build a more robust cybersecurity resilience across our ecosystem. The partnership gives us the visibility and confidence we need to act proactively.”
— Miroslav Sivous, Threat Intelligence expert at Škoda Auto

THE RESULT:

One of the most impactful outcomes for Škoda has been the speed and clarity with which teams can now review and respond to cyber-related findings. Information that previously required extensive coordination is now surfaced and processed earlier, enabling proactive mitigation and improved situational awareness across Škoda’s connected vehicle and digital ecosystem.


The partnership has also grown into a continuous improvement model. Frequent communication, structured feedback loops, and shared workflows allow Upstream to respond quickly to Škoda’s evolving needs. Enhancements are made in direct alignment with Škoda’s operational reality, supporting a collaborative and customer-driven evolution of the platform.


Škoda now benefits from clearer processes, reduced manual effort, and streamlined documentation of activities related to regulatory requirements such as UNECE WP.29 R155. By consolidating information and workflows into one environment, reporting, evidence collection, and audit readiness have become significantly more efficient, which turns compliance into a natural output of improved day-to-day operations.


Overall, Škoda has strengthened its cybersecurity resilience through a coordinated, insight-driven operational model. The platform improves collaboration, accelerates decision-making, and establishes scalable processes capable of supporting an increasingly complex ecosystem of vehicles, services, and apps.

 

“Škoda’s proactive mindset and dedication to continuously improving their cyber-resilience processes set a strong example for the industry. They demonstrate how operational excellence and forward-thinking leadership can meaningfully elevate cybersecurity maturity.”
– Yoav Levy, Co-founder & CEO, Upstream Security

Newsletter Icon

Mind the Cyber Gap – Global Automotive and Smart Mobility Cybersecurity Report

Newsletter Icon

Subscribe
to our newsletter

Stay up-to-date on the latest trends, emerging risks, and updates

THE RESULT:

One of the most impactful outcomes for Škoda has been the speed and clarity with which teams can now review and respond to cyber-related findings. Information that previously required extensive coordination is now surfaced and processed earlier, enabling proactive mitigation and improved situational awareness across Škoda’s connected vehicle and digital ecosystem.


The partnership has also grown into a continuous improvement model. Frequent communication, structured feedback loops, and shared workflows allow Upstream to respond quickly to Škoda’s evolving needs. Enhancements are made in direct alignment with Škoda’s operational reality, supporting a collaborative and customer-driven evolution of the platform.


Škoda now benefits from clearer processes, reduced manual effort, and streamlined documentation of activities related to regulatory requirements such as UNECE WP.29 R155. By consolidating information and workflows into one environment, reporting, evidence collection, and audit readiness have become significantly more efficient, which turns compliance into a natural output of improved day-to-day operations.


Overall, Škoda has strengthened its cybersecurity resilience through a coordinated, insight-driven operational model. The platform improves collaboration, accelerates decision-making, and establishes scalable processes capable of supporting an increasingly complex ecosystem of vehicles, services, and apps.

 

“Škoda’s proactive mindset and dedication to continuously improving their cyber-resilience processes set a strong example for the industry. They demonstrate how operational excellence and forward-thinking leadership can meaningfully elevate cybersecurity maturity.”
– Yoav Levy, Co-founder & CEO, Upstream Security