Automobiles are increasingly becoming digital issues, with developments in shared mobility, electrification, autonomous systems, and connectivity that increasingly drive the industry into the digital field. This transformation has turned the modern vehicle into an information clearinghouse that generates and processes large amounts of data in real-time. It has also made them attractive targets for cyber attacks.
There are a few specific standards or guidelines for manufacturers to ensure that vehicles are safe, but this will change with the introduction of the World Forum for the Harmonization of Vehicle Regulations (WP.29) on cybersecurity that is designed to ensure cybersecurity. it is the number one priority for manufacturers and indeed a condition for market entry.
A regulatory framework
These regulations provide a framework and set of minimum requirements for all stakeholders in the automotive value chain, but do not provide any detailed guidance on implementation or practical operational steps that companies can take. A little more robust guidance could come from the International Organization for Standardization (ISO) / Society of Automotive Engineers (SAE) standard 21434, which hopes to establish clear technical and procedural requirements for each stage of the vehicle’s life cycle.
These standards should provide enough common ground to allow the industry to produce consistent cybersecurity practices for the development of the next generation of connected vehicles. This common approach will also make it easier for regulators to monitor and evaluate progress to ensure the industry remains safe from attack.
Providing this level of reliability will require a new set of skills and, in fact, new ways of working across the industry. This is a highly competitive market right now, with new data from Novartis showing that a growing number of tech workers are considering working in sectors such as pharmaceuticals and healthcare due to the high profile these sectors have enjoyed during the US pandemic, coronavirus. This interest is largely due to sectors such as manufacturing and financial services, so attracting the talent needed to provide this digital infrastructure can be challenging.
The need for digital skills will not be limited to IT or even manufacturing departments, with cybersecurity skills needed across the board, including dealerships, procurement, and customer communications. One possible way to attract these skills is to improve the gender diversity of the workforce.
Since the field of cybersecurity is notoriously male-dominated, and this is reflected in the automotive sector in general, with recent data showing that only 17% of workers in the sector are women.
It is also important that manufacturers and other members of the value chain ensure that their cybersecurity processes are robust and their compliance procedures are in place. The ability to modify systems is likely to be highly dependent on the structure and maturity of the business, as new roles, responsibilities, and processes will be required to properly assess and manage any cybersecurity risks presented to vehicles.
The speed of response of manufacturers will also be of vital importance, both in terms of their internal response to any cyber attack, as well as the public sharing of such attacks so that other interested parties can be aware of possible vulnerabilities. PwC data suggests that companies are getting better at reporting cyberattacks, but clearly much more can be done to ensure that security is maintained at all times.
Given the critical nature of the challenge, it is also vital that companies can regain control of systems in the event of attacks as quickly as possible. The data suggests that there is still a considerable lag between initial attacks and regaining full control, and companies may be especially vulnerable to follow-up attacks immediately after an initial violation. Suppliers’ ability to provide fast, robust patches to protect vehicle systems will be vital to their safe operation.
What’s more, this support must be provided for the life of the vehicle, as it is not acceptable to have scenarios analogous to those seen in the software world, where applications and operating systems are down and ongoing security support is not provided. A better comparison would be with planes and ships, which tend to receive updates and patches over a much longer period of time than consumer products.
The cybersecurity market in the sector is estimated to be worth nearly $ 10 billion by 2030, underscoring the growing importance of ensuring the safety of the next generation of vehicles. Doing so will require not just an investment in skills and processes, but a new wave of standards, regulations, and guidelines to help the industry chart a common course.
Given the scale of the challenges ahead, the industry is likely to experience a considerable disruption in the coming years, as OEMs support their own cybersecurity capabilities and new players enter the value chain with dedicated cybersecurity offerings. Cybersecurity is a constant race between attackers and defenders, and for the auto industry.
Also Read: 5 Tips To Avoid Scam SEO Companies