Auto cybersecurity practices are woefully inadequate and in desperate need of regulation

As connected vehicles increasingly become mainstream, the importance of cybersecurity within the automotive space grows. Connected vehicles link to the cloud in real time, and this wireless communication exposes the vehicle to cyberattackers who can subvert the vehicles’ operations and gain illegal control. Such possibilities have resulted in the immediate need for auto cybersecurity measures. This imperative has spun off a niche segment within the auto industry that received roughly $380 million in investment between 2010-19. The investment is timely, as the auto industry now contends with a drastic increase in hacking incidents. The bulk of these events have malicious intent, with 57% of all hacking cases in 2019 being black hat incidents related to cybercriminals looking to disrupt businesses and cause harm. Keyless entry attacks have been on the rise, accounting for a third of all hacking incidents. An equally large percentage of cyberhacking happened via backend servers. Studies by Business Insider suggest that 82% of all cars shipped in 2021 will be connected to the cloud. As cities pursuing smart city programs look to adopt more technology in their mobility systems, lapses in auto cybersecurity would reflect poorly on the systems’ safety and shake public confidence. Such incidents also significantly dent the brand value of automakers in the line of fire, as they would be held responsible as well. As with most cutting-edge technology segments, standardization and data frameworks are being structured to develop a consensus around industry best practices from the perspective of original equipment manufacturers (OEMs), Tier 1 suppliers and other relevant stakeholders in the value chain. The National Highway Traffic Safety Administration (NHTSA), too, has proposed guidance that focuses on bolstering the electronic architecture within a vehicle against cyberattacks.