The automotive industry has long been exempt from the cyber attacks that have affected so many companies operating in the financial services, healthcare and retail spaces. However, that is changing quickly due to the copious amount of historical data being collected by modern vehicles and the new autonomous features created by manufacturers.
Further complicating matters is the fact that the connected cars movement, unlike other instances where exploitable personal information exists, increases the potential threat of terrorist activity. In addition to the usual motivations—financial gain and operational disruption—sophisticated hackers are able to use vehicles as instruments of harm and destruction.
It's a scary scenario that has come to fruition faster than most believed was possible from a technology standpoint—predictions made by automotive executives have been mixed over the years. Fast forward to this summer where we already have self-driving ride sharing cars on the road, and other new models will soon communicate directly with each other and exchange information with toll booths, gas pumps and fast food restaurants.
This expedited timeline has created vehicles with advanced capabilities but few protections. So what actions should automotive manufacturers and suppliers take to ensure their systems are guarded against hackers? Here are a few things to consider as the industry moves at an accelerated pace:
- Manage risk within the supply chain. Modern vehicles are comprised of hundreds of thousands of computer codes and other components developed by vendors, which can leave them vulnerable during the assembly process. Whether there is purposeful or inadvertent corruption within the supply chain, a more rigorous testing and contract management process will help mitigate risk.
- Change must occur from within the industry. Eventually there will be interaction and cooperation between regulators and industry participants, but as long as there is tension among governing bodies, automotive companies must address the issue of vehicle security with uniformity. The industry is accustomed to reacting to market shifts and consumer preferences, and we are already starting to see overarching, proactive measures be proposed.
- Build security into your sales and marketing strategy. The most astute automotive companies understand that data privacy and cybersecurity will become a strong selling point for car buyers. The key will be communicating such protective features in an easy to understand way and consistently across manufacturers and retailers. Security ratings must be uniform or they will be useless, and they must not infringe upon the driver experience.
Looking ahead to 2017, it will be interesting to see how things unfold in Washington and how connectivity is prioritized on lawmakers' agendas. If the last few months has showed us anything, it's that the automotive industry's growth trajectory won't leave much time for reflection.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.