Cybersecurity Risks In Automotive Industry: Study

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
  • Tomorrow's Tech University
AftermarketNews - Babcox Media
The Business of Selling Parts
Aftermarket Telematics Technologies

Cybersecurity Risks In Automotive Industry Highlighted In New Study

An alarming number of automotive professionals (84 percent) responding to a recent survey have concerns that their organizations’ cybersecurity practices aren’t keeping pace with evolving technologies.

aftermarketNews Staff
By aftermarketNews Staff
Published:

From Telematics Talk

Related Articles

An alarming number of automotive professionals (84 percent) responding to a recent survey have concerns that their organizations’ cybersecurity practices aren’t keeping pace with evolving technologies.

Conducted by Ponemon Institute, the survey of global automotive manufacturers and suppliers highlights critical cybersecurity challenges and deficiencies affecting many organizations in the automotive industry.

Synopsys Inc. and SAE International discuss the survey results in a new report, “Securing the Modern Vehicle: A Study of Automotive Industry Cybersecurity Practices.”

The survey also found that 30 percent of organizations don’t have an established cybersecurity program or team, and 63 percent test less than half of the automotive technology they develop for security vulnerabilities.

“SAE, in partnership with Synopsys, is pleased to present the findings of this study, as it provides real-world data to validate the concerns of cybersecurity professionals across the industry and highlights a path forward,” said Jack Pokrzywa, SAE International director of Ground Vehicle Standards. “SAE members have sought to address cybersecurity challenges in the automotive systems development lifecycle for the last decade and worked together to publish SAE J3061, the world’s first automotive cybersecurity standard. Armed with the findings of the study, SAE stands ready to convene the industry and lead development of targeted security controls, technical training, standards and best practices to improve the security, and thus the safety, of modern vehicles.”

Synopsys and SAE commissioned the Ponemon Institute, a leading IT security research organization, to examine current cybersecurity practices in the automotive industry and its capability to address software security risks inherent in connected, software-enabled vehicles. Ponemon surveyed 593 professionals from global automotive manufacturers, suppliers and service providers. To ensure knowledgeable responses, all respondents are involved in assessing or contributing to the security of automotive technologies, including infotainment systems, telematics, steering systems, cameras, SoC-based components, driverless and autonomous vehicles, and RF technologies such as Wi-Fi and Bluetooth, among others.

“The proliferation of software, connectivity and other emerging technologies in the automotive industry has introduced a critical vector of risk that didn’t exist before: cybersecurity,” said Andreas Kuehlmann, co-general manager of the Synopsys Software Integrity Group. “This study underscores the need for a fundamental shift – one that addresses cybersecurity holistically across the systems development lifecycle and throughout the automotive supply chain. Fortunately, the technology and best practices required to address these challenges already exists, and Synopsys is poised to help the industry embrace them.”

Other key findings from the survey highlight:

  • Lack of cybersecurity skills and resources. More than half of respondents say their organization doesn’t allocate enough budget and human capital to cybersecurity, while 62 percent say they don’t possess the necessary cybersecurity skills in product development.
  • Proactive cybersecurity testing is not a priority. Less than half of organizations test their products for security vulnerabilities. Meanwhile, 71 percent believe that pressure to meet product deadlines is the primary factor leading to security vulnerabilities.
  • Developers need cybersecurity training. Only 33 percent of respondents reported that their organizations educate developers on secure coding methods. Additionally, 60 percent say a lack of understanding or training on secure coding practices is a primary factor that leads to vulnerabilities.
  • Cybersecurity risk throughout the supply chain. Seventy-three percent of respondents expressed concern about the cybersecurity of automotive technologies supplied by third parties. Meanwhile, only 44 percent say their organization imposes cybersecurity requirements for products provided by upstream suppliers.

To download a free copy of the report, click here.

You May Also Like

Aftermarket Telematics Technologies

Zubie Adds Bluebird As Integration Partner To Deliver Telematics Insights To Rental Car Fleets

This partnership extends Zubie’s reach and value delivery to rental and loaner car fleet operators.

aftermarketNews Staff
By aftermarketNews Staff
Published:

Zubie, a connected-car platform and telematics data insights provider, has announced a new integration partnership with Bluebird Auto Rental Software, a leading provider of cost-effective software to vehicle rental companies. This partnership integrates Zubie telematics data within Bluebird’s RentWorks software platform, giving rental fleet and loaner car operators seamless access to connected car insights and the ability to improve business operations.

Read Full Article

More Aftermarket Telematics Technologies Posts
OCTO Acquires Nebula Systems

Nebula specializes in the development of advanced cloud technologies for the automotive and connected car industries.

By aftermarketNews Staff
Foresight Successfully Completes Technological Demonstrations For Leading Vehicle Manufacturers And Tier 1 Suppliers In The U.S.

Demonstrations of the QuadSight vision system were performed in the Silicon Valley area and Detroit with the assistance and support of FLIR Systems.

By aftermarketNews Staff
Parts Plus Top Fuel Dragster Generates Awareness, Signatures For Auto Care Association’s Data-Access Petition

The Auto Care Association’s “Your Car. Your Data. Your Choice.” campaign was a major sponsor of the Clay Millican-driven Parts Plus Top Fuel dragster for the NHRA Thunder Valley Nationals in Bristol, Tennessee.

By aftermarketNews Staff
BlackBerry, LG Expand Partnership To Develop Technology For Connected Vehicles

As part of the agreement, LG Electronics will use a range of BlackBerry QNX software and services to build next-generation digital consolidated cockpits, including infotainment systems, digital instrument clusters and telematics systems for multiple OEMs, according to BlackBerry.

By aftermarketNews Staff

Other Posts

DOJ, FTC Support MEMA Aftermarket Suppliers’ Petition

The petition expands consumer access to vehicle operational, diagnostic and telematics data.

By Mary DellaValle
The Impact of Open AI on Cybersecurity

AI is just the latest tool available to hackers as well as security professionals.

By Scott Luckett
LG 1st to Meet Global Cybersecurity, Safety Standard

LG adds it also has acquired functional safety certification for its ADAS front camera in the ‘4M’ (Material, Method, Machine, Man) categories in 2022.

By aftermarketNews Staff
UL Issues 1st Auto Cybersecurity Program Certificate

The UL Solutions CAP Certificate recognizes that LG Innotek’s cybersecurity management system meets the requirements.

By aftermarketNews Staff