We had the opportunity of attending the 2022 Auto-ISAC Summit in Detroit, Michigan in September to learn and share insights regarding the latest trends in cyber security for connected vehicles and intelligent transport systems. Leading auto manufacturers, suppliers, thought leaders, lawmakers, and technologists led speaking sessions throughout the week and shared their experiences, lessons learnt, and insights about challenges, barriers, and drivers to creating a secure future. They also offered glimpses into what needs to happen in order to advance the automotive industry from technological, social, and legal perspectives. Keep reading for a breakdown of all the biggest highlights from the discussions!
Biggest challenges for connected vehicle adoption
The amount of code needed for each connected vehicle creates new risks for businesses and customers. An F-35 fighter contains 9 million lines of code, while today's car has over 100 million. Each line of code is a liability and a potential point of failure.
Automotive supply chains create significant cyber security vulnerabilities for manufacturers. The automotive industry has one of the largest and most complex supply chains in the U.S. This includes the frequent integration of third-party software, components, applications and communications protocols, presenting an array of major cybersecurity weaknesses and quality-control issues.
Complex and evolving standards and architecture creates ambiguity for stakeholders. Even the current framework of ISO/SAE 21434 is barely scratching the surface of what will be needed to scale with adoption.
Fireside Chat: Modernize Legacy Operational Technology to Secure Supply Chains from Cyber Threats
Our team also had the opportunity to attend a Fireside Chat between Josh Davis, Toyota & Auto-ISAC Chair and Kevin Tierney, GM & Auto-ISAC Vice Chair where the discussion focused on securing supply chains from cyber threats. One of the key points was that legacy operational technology is creating significant obstacles for manufacturers who want to secure their systems, as it has not caught up with the latest cyber security advancements. Moreover, there is a major need for cultural transformation as many stakeholders are not aware of the criticality of cyber security investment.
Information Sharing to Secure Infrastructure
Another interesting topic of discussion was how critical information sharing between organizations and sectors is for cyber security. For example, the FBI has highlighted the following energy sectors:
Chemical Sector | Financial Services Sector |
Commercial Facilities Sector | Food and Agriculture Sector |
Communications Sector | Government Facilities Sector |
Critical Manufacturing Sector | Healthcare and Public Health Sector |
Dams Sector | Information Technology Sector |
Defense Industrial Base Sector | Nuclear Reactors, Materials, and Waste Sector |
Emergency Services Sector | Transportation Systems Sector |
Energy Sector | Water and Wastewater Systems Sector
|
Additionally, the National Highway Traffic Safety Administration (NHTSA) has stated that there is a critical need for an Automotive Information Sharing and Analysis Center to facilitate public and private collaboration. In their eyes, a more secure future is a safer future. All it takes is one major cyber attack to set back development and adoption of connected vehicles.
For more information and highlights from Auto-ISAC Summit and other connected vehicle conferences, follow us on Linkedin! Is your organization interested in securing its vehicles and systems from cyber threats? Contact us today!
Comments