• About Us
  • Contact
  • Careers
  • Send Us a Tip
Menu
  • About Us
  • Contact
  • Careers
  • Send Us a Tip
CyberNews logo
Newsletter
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
Menu
  • Home
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
CyberNews logo

Home » Security » The cybersecurity challenges for the auto industry

The cybersecurity challenges for the auto industry

by Adi Gaskell
4 August 2020
in Security
0
parking lot from above
32
SHARES

Automobiles are becoming increasingly digital affairs, with developments across shared mobility, electrification, autonomous systems and connectivity all moving the sector further and further into the digital realm.  This transformation has made the modern vehicle an information clearinghouse that both generates and processes huge quantities of data in real-time.  It’s also made them attractive targets for cyberattacks.

Earlier this year, I highlighted some of the security challenges vehicles and their manufacturers face from cyberattack as they become more digitally advanced and connected.  Despite this thread, there are few specific standards or guidelines for manufacturers to ensure vehicles are secure, but this is set to change with the introduction of the World Forum for Harmonization of Vehicle Regulations (WP.29) on cybersecurity that are designed to ensure cybersecurity is the number one priority for manufacturers, and indeed a condition for market entry.

A regulatory framework

These regulations provide a framework and a set of minimum requirements for all stakeholders in the automotive value chain, but they don’t provide any detailed guidance regarding implementation or practical operational steps companies can take.  Slightly more robust guidance might emerge from the International Standardization Organization (ISO)/Society of Automotive Engineers (SAE) 21434 standard, which hopes to lay out clear technical and procedural requirements for each stage of the vehicle’s lifecycle.

These standards should provide sufficient common ground to allow the industry to produce consistent cybersecurity practices to the development of the next generation of connected vehicles.  This common approach will also make it easier for regulators to monitor and assess progress to ensure that the industry remains safe from attack.

To provide this level of reliability will require a new set of skills, and indeed new ways of working, across the sector.  This is a highly competitive marketplace at the moment, with new data from Novartis showing that a growing number of tech workers are considering working in sectors such as pharma and healthcare due to the high profile these sectors have enjoyed during the coronavirus pandemic.  This interest is largely at the expense of sectors such as manufacturing and financial services, so attracting the talent required to provide this digital infrastructure may be challenging.

New talent

The need for digital skills will not be confined to the IT or even manufacturing departments, with cybersecurity skills needed across the board, including in dealerships, procurement and customer communications.  One possible avenue to attract these skills is to improve the gender diversity of the workforce.

It’s an issue I’ve touched upon in past articles, as the cybersecurity field is notoriously male dominated, and this is reflected in the automotive sector more generally, with recent data showing just 17% of workers in the sector are female.

It’s also important that manufacturers and other members of the value chain ensure that their cybersecurity processes are robust and their compliance procedures in place.  It’s likely that the ability to modify systems is highly dependent upon the structure and maturity of the business, as new roles, responsibilities and processes will be required to adequately assess and manage any cybersecurity risks posed to vehicles.

Also of critical importance will be the speed of response by manufacturers, both in terms of their internal response to any cyberattacks, but also the public sharing of such attacks so that other stakeholders can be aware of potential vulnerabilities.  Data from PwC suggests companies are getting better at reporting cyberbreaches, but there is clearly a lot more that can be done to ensure security is maintained at all times.

Rapid recovery

Given the critical nature of the challenge, it’s also vital that firms are able to regain control of systems in the event of attacks as quickly as possible.  Data suggests that there is still a considerable lag between initial attacks and full control being regained, and companies can be especially vulnerable to follow-up attacks in the immediate wake of an initial breach.  The ability for vendors to provide rapid and robust patches to secure vehicle systems will be vital to their safe operation.

What’s more, this support needs to be provided for the duration of the vehicle’s life, as it’s not acceptable to have scenarios analogous to those seen in the software world where applications and operating systems are mothballed and not provided with ongoing security support.  A better comparison would be to aircrafts and ships, both of which tend to receive updates and patches over a much longer timeframe than consumer products.

It’s estimated that the cybersecurity market in the sector will be worth nearly $10 billion by 2030, which underlines the growing importance of ensuring the next generation of vehicles are safe.  Doing so will require not only an investment in skills and processes, but a new wave of standards, regulations and guidelines to help the industry chart a common course.

Given the scale of the challenges ahead, it’s likely that the industry will see considerable disruption in the coming years, as OEMs bolster their own cybersecurity capabilities, and new entrants enter the value chain with dedicated cybersecurity offerings.  Cybersecurity is a constant race between attackers and defenders, and for the automotive industry, the starting pistol has long since fired.

Share32TweetShareShare

Related Posts

Nohow International leaks sensitive worker data

12,000+ workers’ IDs, banking details, and other personal data leaked by UK staffing agency

19 January 2021
Telegram app on mobile

Watch out: there’s a new Telegram scam about

15 January 2021
Email icon on laptop screen

How phishing attacks are evolving and why you should care

14 January 2021
Ransom message on laptop screen

Why ransomware attacks will explode in 2021

12 January 2021
Next Post
TikTok as China’s surveillance tool: red flag or paranoia?

TikTok as China’s surveillance tool: red flag or paranoia?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Popular News

  • 70TB of Parler users’ messages, videos, and posts leaked by security researchers

    70TB of Parler users’ messages, videos, and posts leaked by security researchers

    82912 shares
    Share 82901 Tweet 0
  • ProtonMail review: have we found the most secure email provider in 2021?

    61 shares
    Share 61 Tweet 0
  • Bitwarden Review

    0 shares
    Share 0 Tweet 0
  • The ultimate guide to safe and anonymous online payment methods in 2021

    13 shares
    Share 13 Tweet 0
  • Custom mechanical keyboards – 17 coolest ones we’ve ever seen

    442 shares
    Share 441 Tweet 0
Facebook says some users facing issues with Messenger, Instagram

Factbox: How Facebook, Twitter, and others are girding for inauguration threats

20 January 2021
Uploading on mobile screen and Data Protection on desktop screen

Privacy and data protection trends in 2021

20 January 2021
valve logo

EU hits game distributor Valve, five others with 7.8 million euro fine

20 January 2021
google logo

Trump pardons former Google self-driving car engineer Levandowski

20 January 2021
Malwarebytes hacked by state actors behind SolarWinds attack

Malwarebytes hacked by state actors behind SolarWinds attack

20 January 2021
Edvardas Šileris

Head of Europol’s European Cybercrime Centre: there are no systems that cannot be breached

20 January 2021
Newsletter

Subscribe for security tips and CyberNews updates.

Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!
Categories
  • News
  • Editorial
  • Security
  • Privacy
  • Resources
  • VPNs
  • Password Managers
  • Secure Email Providers
  • Antivirus Software Reviews
Tools
  • Personal data leak checker
  • Strong password generator
About Us

We aim to provide you with the latest tech news, product reviews, and analysis that should guide you through the ever-expanding land of technology.

Careers

We are hiring.

  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • In the News
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!