By: Elowen Gray
As industries across the globe promote their shift toward digital and connected technologies, cybersecurity has become a central concern in product development. Vehicles, medical devices, and industrial machinery are now increasingly dependent on software, creating risks that were once rare in these sectors.
Protecting the safety and compliance of these products requires more than conventional testing; it demands the connection of security into every stage of development. C2A Security, founded in 2016 in Israel by Michael Dick, has positioned itself within this sector by focusing on the role of DevSecOps and artificial intelligence in managing product security at scale.
The spread of connected products has blurred traditional boundaries between industries. Automobiles now function as data-driven platforms, healthcare relies heavily on digital medical devices, and robotics plays a vital role in manufacturing and logistics. While these advances deliver efficiency and innovation, they also open up the attack surface available to cybercriminals.
Instead, there is growing recognition that security must be integrated into the entire development process. This perspective fits with the principles of DevSecOps, which integrates development, security, and operations into a continuous workflow.
C2A Security’s approach promotes this shift toward building security in from the start. Rather than treating cybersecurity as an external layer applied at the end of production, the company has worked to create tools that incorporate security considerations directly into the development pipeline.
This integration can be seen in its platform EVSec, which combines DevSecOps practices with artificial intelligence to streamline security management for complex products.
EVSec enables developers to identify risks earlier in the design process, when addressing them is less costly and less complicated. By applying automated threat modeling and risk management, the platform reduces reliance on manual oversight, which is often time-consuming and prone to errors.
The system also includes tools for handling security incidents and keeping audit records, helping organizations both detect threats and show that they meet industry standards.
A major driver of this integrated approach is the rise of global regulations governing connected products. In the automotive sector, UN Regulation No. 155 and ISO/SAE 21434 have established clear requirements for cybersecurity risk management and engineering practices.
Similar expectations are rising in healthcare, robotics, and industrial technology, as regulators increasingly demand verifiable safeguards against cyber threats.
Platforms like EVSec are designed to fit with these frameworks, simplifying the process for manufacturers who must deal with complex regulatory environments across multiple regions. By building compliance into the development process, companies can save money on redesigns and make sure their products meet safety rules before they go to market.
The application of DevSecOps to product security is not limited to one sector. C2A Security’s partnerships show how this approach can be applied. In the automotive industry, partnerships with companies such as Daimler Truck, BMW Group, Valeo, and Aptiv highlight the demand for lifecycle security in vehicles.
In healthcare, organizations like Medcrypt and Elekta have worked with the company to address risks in medical technology, where reliability and patient safety are vital. Collaborations with technology firms such as NVIDIA and Siemens highlight the applicability of these methods in industrial and high-tech environments.
C2A Security’s contributions have been recognized with multiple awards, including the Cybersecurity Excellence Awards (2021), the CES Innovation Awards (2022), the European Prize for Mobility (2023), and the CLEPA Top Innovator in Product Security (2024).
In recent months, C2A Security has expanded rapidly, signing agreements with more than ten high-profile clients and partners across the automotive sector. The company recently secured a global, long-term enterprise agreement with Daimler Truck AG, potentially one of the largest product security tool deals in the automotive industry to date.
This partnership outlines C2A Security’s growing influence as a leader in product cybersecurity, as it enables global automotive manufacturers to modernize their security operations. Also, the company has been named Cybersecurity Technology Breakthrough of the Year Award [2023], recognizing the increasing role of artificial intelligence in addressing modern security challenges.
The shift toward AI-powered DevSecOps represents a trend in how organizations are approaching cybersecurity. With connected products becoming the norm across industries, the ability to automate risk assessment, streamline compliance, and maintain continuous monitoring will be essential.
C2A Security’s focus on integrating security into the development lifecycle clarifies how industries are responding to these challenges. By coordinating with international standards and collaborating across multiple sectors, the company’s work shows the growing importance of integrating cybersecurity directly into product design.
