The world is moving towards autonomous vehicles and the vehicle is exposed to various types of communication, like Vehicle-to-vehicle (V2V), Vehicle-to-Grid (V2G) and Vehicle-to-Everything (V2X). This communication facilitates telematics, diagnostics and over the air software update features. The vehicle is also connected via various interfaces like Wireless Fidelity (Wi-Fi), Bluetooth (BT), Universal Serial Bus (USB), and On-board Diagnostics (OBD) to the external world for various purposes. This opens possibility for several cyber-attacks through external ports, network interfaces if there are no adequate cyber security mechanisms implemented, and cybersecurity risks are not treated. Controller Area Network (CAN-bus) is a central nervous system of the modern vehicle and most of the in-vehicle communication takes place on it. Unfortunately, the CAN-bus is inherently insecure and lacks basic security features like authentication and encryption. The insecure nature of CAN-bus in a vehicle lead to several security exploits and malicious activities which put driver and passengers at risk. Therefore, security measures need to be implemented in the automotive network. This paper addresses CAN vulnerabilities, critical attacks, and security measures to protect CAN bus such as cryptographic measures, firewall and methods to detect and prevent such attacks. Certain approaches have been identified and discussed in this paper. Moreover, this paper attempts to bring together essential background knowledge required to work on security for CAN network in automotive embedded systems.