Just two or three years ago, automotive companies tended to see the security of IT, manufacturing and vehicles as separate issues, and almost beneath the notice of top management. “Security by obscurity” was a widely used paradigm. Overall, security was an easy issue to ignore, especially given that most companies try to hush up security breaches.
Now, though, security is uppermost in the minds of automotive executives. CEOs are constantly asking their reports what their strategy is and how safe the company is. Automotive manufacturers are keenly aware of the need to secure vehicles, and to reassure customers who have read media reports suggesting they aren’t secure. Suppliers, too, are increasingly aware, and in some cases taking the initiative themselves on security issues.
Why has this change come about so rapidly? I can think of several reasons:
• There’s widespread recognition that a vehicle today is an intelligent, communicating device, with hundreds of intelligent, communicating parts – which add up to a large attack surface.
Hacks into cars have attracted a lot of media and public attention: According to one survey
, 62% of customers fear cars will be easily hacked. It’s not only the security of the vehicle itself that is attracting attention.
The security of manufacturing plants is a growing concern: A recent report
on worldwide security breaches stated that automotive manufacturers represented almost 30% of total attacks against manufacturing industries in 2015.
At Capgemini, we don’t see any of this as cause for alarm. On the contrary – we encourage our clients to view cybersecurity in the context of their business transformation goals.
In the other postings in this series, I’ll suggest ways automotive companies can tackle cybersecurity for business advantage. I’ll be recommending an end-to-end approach that addresses the challenges the industry faces around the connected vehicle, manufacturing plants, and enterprise IT systems – challenges that can appear at each stage of the plan-build-run lifecycle.