Vehicles like any other open and distributed IT system are subject to security attacks. Cyber-security matters for almost any automotive domain, be it dynamics or powertrain or infotainment. Without security, there is no safety. Therefore, advanced risk assessment and mitigation is the order of the day. Risk-oriented security engineering for automotive systems helps in both designing for robust systems as well as effective mitigation upon attacks or exploits of vulnerabilities. We show in this presentation with concrete examples how risk-oriented cyber security can be successfully achieved in automotive systems.