In this Help Net Security interview, Yaron Edan, CISO at REE Automotive, discusses the cybersecurity landscape of the automotive industry, mainly focusing on electric and connected vehicles.
Edan highlights the challenges of technological advancements and outlines strategies for automakers to address cyber threats effectively.
He emphasizes the importance of consumer awareness in ensuring vehicle security.
The automotive industry is experiencing a digital breakthrough transforming how vehicles are designed, manufactured, and used, primarily driven by the introduction and popularity of electric and autonomous vehicles.
Technological advancements have been introduced and integrated throughout the vehicle life cycle.
We use different forms and increasing amounts of software in our vehicles.
In order to address these challenges, automakers need to conduct an initial risk assessment to understand what kind of threats and the type of threat actors are active within each layer of the product and supply chain in the automotive industry.
The procedure determines which types of threat actors are active within the automotive industry, where they are located, and each threat's severity.
Once you have a factory line running, the first step to integrate cybersecurity into the manufacturing process is to secure the operation technology policy by understanding the risk and how to close the gaps.
Manufacturers must deal with OT threats, which involve thousands of unique threats coming from the product lines, sensors, and other equipment involved in the manufacturing process, instead of systems like computers.
These threats can be especially dangerous if left ignored because of the simplicity of the equipment used in this stage.
Suppose you are a threat actor and you want to damage an automaker.
Automotive companies must take a proactive approach to addressing cybersecurity threats instead of being reactive.
This allows security teams to avoid threats instead of responding later once the damage has already been done.
Cybersecurity is an ongoing process that requires constant vigilance and adaptation - current strategies will likely become outdated and need to be reworked as new threats emerge.
The goal of regulatory bodies is to provide automakers with best practices on steps to take in the event of a cyber hack, what players to communicate with, and how deep to reach depending on the severity of the threat.
Consumers need to make sure the data collected in the vehicle stays private.
If you have an electric vehicle and you need to charge it, you might visit a public charging station.
Not many people know this, but your vehicle data can be easy to hack at public charging stations because you are not only transferring electricity but also data.
To prevent this from happening, vehicle owners need to ask the right questions.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Mon, 12 Feb 2024 06:43:05 +0000