Škoda Auto has launched a new strategic partnership with mobility security company Upstream in an effort to reinforce cyber resilience across its growing connected‑vehicle ecosystem. The collaboration, announced Monday, reflects the automaker’s push to manage cyber risks more efficiently as its digital footprint expands across vehicles, apps, cloud systems, and supply‑chain infrastructure.
Israeli start-up Upstream developed a platform that provides cybersecurity extended detection and response (XDR) for connected vehicles and IoT. According to the company, their platform utilizes data from IT, OT, IoT, and connected vehicles, employing advanced detection methodologies to identify known and emerging anomalies in real-time to mitigate risks.
And as modern vehicles become increasingly software‑driven, automakers face a rising volume of cyber threats alongside stricter regulatory requirements. Their platform requires no installation of any software or hardware. Their customers include Renault, Volvo, Hyundai, BMW, Nissan, and Mitsubishi.
Škoda says the partnership will help centralize threat intelligence and risk data into a single operational environment, giving cybersecurity and engineering teams earlier visibility into potential vulnerabilities while reducing the manual workload associated with compliance and internal reporting.
Miroslav Sivous, a threat‑intelligence expert at Škoda Auto, said the collaboration directly supports the company’s obligations under the UNECE WP.29 R155 regulation that requires OEMs to prove that their vehicle software and connected ecosystem have gone through stringent cybersecurity measures during development and after production.
“Our partnership with Upstream supports our activities required under R155 and helps us build a more robust cybersecurity resilience across our ecosystem. The partnership gives us the visibility and confidence we need to act proactively,” he said.
The complexity of connected‑vehicle systems has broadened the range of potential attack surfaces, from cloud environments and internal IT networks to consumer apps and charging infrastructure.
Upstream’s platform allows Škoda teams to review findings, share context, ask questions, and document decisions in one place, improving situational awareness and reducing the administrative burden of preparing for audits and compliance reviews.
Upstream CEO and co‑founder Yoav Levy said Škoda’s approach reflects a broader shift in the industry toward continuous cybersecurity improvement.
“Škoda’s proactive mindset and dedication to continuously improving their cyber-resilience processes set a strong example for the industry. They demonstrate how operational excellence and forward-thinking leadership can meaningfully elevate cybersecurity maturity,” he said.
Both companies say the partnership has already streamlined operations that previously required extensive coordination, with clearer workflows and more efficient communication. The collaboration has evolved into an ongoing improvement model, with regular feedback loops ensuring the platform adapts to Škoda’s changing needs as its digital services expand.