Modern ground vehicles rely on Controller Area Network (CAN) bus for communication between Electronic Control Units (ECUs) as a vital component to connect sensors and actuators together in a mission-critical distributed real-time vehicle control system. CAN is well-suited to this task and over the more than three decades since its inception it has become a proven and ubiquitous technology. But its age means that it was not designed for modern security threats of local and remote attacks and special techniques must be deployed to protect CAN. This paper provides a simple taxonomy of attacks on CAN, including how an attack accesses a CAN bus, and discusses four techniques used to defend against these attacks.