accenture, profile picture
Uploaded byaccenture
PPTX, PDF11,796 views

Automotive Cybersecurity: Shifting into Overdrive

The automotive industry is facing new challenges in cybersecurity as vehicles become more connected and remote work increases due to the pandemic. An elite group of 18% of automotive companies have significantly higher cybersecurity performance by investing over 20% of budgets in advanced technologies like AI and SOAR. However, most companies' security investments are failing. As vehicles become more connected through partnerships, overseeing ecosystem cybersecurity practices will be critical as 41% of breaches come through indirect attacks. Regulations are also increasing responsibilities for manufacturers to implement cybersecurity measures across product lifecycles. To adapt, companies need to take an end-to-end approach, look beyond boundaries to ecosystem partners, and engage proactively with regulators and industry groups

Embed presentation

Downloaded 42 times
SHIFTING INTO OVERDRIVE AUTOMOTIVE CYBERSECURITY
When an industry completely reinvents its products and its ways of doing business, it’s an exciting challenge. When it does so in the middle of a pandemic, it’s a heroic effort. The automotive industry has grappled with both scenarios in 2020. 2Copyright © 2020 Accenture. All rights reserved. Auto companies were already focused on moving to connected, clean vehicles prior to COVID-19, but have now found themselves challenged to retool and reorient to manufacture life-saving products like ventilators. The learned agility that came from their COVID-19 efforts will likely help auto companies as they revitalize post-pandemic. And as they do, they’ll need new cybersecurity measures to help them protect their new ways of doing business. Some automotive companies were already ahead of the curve in cybersecurity, according to our most recent research. Accenture’s detailed modeling of cybersecurity performance identified an elite group—just 18%i—that achieve significantly higher levels of performance in at least three of these categories:
3Copyright © 2020 Accenture. All rights reserved. What can other automotive companies learn from the cybersecurity Leaders in their industry? We’re glad you asked.
Leaders’ investments in innovation are working 4 While the majority of companies’ security investments are failing, Leaders have a better cybersecurity track record. One of the major reasons, according to our study, is their investments in innovation. The vast majority of automotive cybersecurity leaders spend more than 20% of their cybersecurity budgets on advanced technologies— the kind that support the innovation their company is baking into their business. Copyright © 2020 Accenture. All rights reserved.
Artificial Intelligence (AI) and Security, Orchestration,Automation, Response (SOAR) technologies top the list of advanced technologies automotive cybersecurity Leaders are investing in. But others, as you can see from the chart, are contributing to their cybersecurity ranking and success. Copyright © 2020 Accenture. All rights reserved. 5
Regulating vehicle cybersecurity puts heavy responsibility on manufacturers Currently, there are few legal regulations on cybersecurity in the automotive sector. In mid- 2020, Regulations (WP.29)—a working party of the Sustainable Transport Division of the United Nations Economic Commission for Europe (UN ECE)—will change that in Europe. As we write this cybersecurity report, the UN ECE will issue in late 2020 or early 2021 a regulation on cybersecurity in connected and autonomous vehicles. It provides uniform provisions for the approval of vehicles’ cybersecurity and cybersecurity management systems (CSMS). The regulation will also cover software updates and software update management systems (SUMS). WP.29 has many facets, but its major focus areas include: Increased focus on secure management across entire automotive supply chain Mandates for monitoring and incident response from the Original Equipment Manufacturer during post-production Security certifications per vehicle type High focus on securing and controlling data-at-rest and data- in-transit, especially when it comes to data regarding Personally Identifiable Information (PII) data. As the automotive industry moves more and more to connected cars, cybersecurity being in lockstep with the business becomes even more of an imperative. 6Copyright © 2020 Accenture. All rights reserved.
New innovations, new challenges Two developments open automotive manufacturers up to increasing cybersecurity challenges.The first is the more remote method of working due to COVID-19, a method that may continue for some time.And the second is the increasing business and technology partnerships automotive companies are forging as they move from producing a vehicle that is primarily of their making, to a vehicle that is a collection of software-based services and systems. Challenge 1: More remote workers Challenge 2: Connected cars The first challenge, more remote workers, is one most industries are facing. From securing personal devices and networks, to protecting collaboration technology like video- conferencing and file sharing, automotive companies will need to make some enhancements in their existing security to close gaps. It is a challenge but one where they can share solutions with thousands of companies the world over. The second challenge—connected cars—is a tougher one because it’s unique to the industry.And, it relates not only to privacy and the usual security concerns, but also to a life- or-death matter—the safety of passengers and other drivers. Copyright © 2020 Accenture. All rights reserved. 7
Gearing up for remote working environments Some companies, like Accenture, were well-versed in remote working environments prior toCOVID-19. But many automotive companies were still in a traditional office structure.As a result, they have been racing to accelerate their cybersecurity protections for employees—who might previously have been concentrated in several dozen secure locations globally and are now located in thousands of unsecured home locations instead.And our survey respondents shared that the top target for cyberattacks was their corporate organization—ranging from attacks on intellectual property to employee information. Phishing by cyberespionage and cybercriminal groups, as well as nation-state-sponsored cyberthreats, are huge risks right now— particularly for companies that have not had to address at-home protection previously. Adaptive security, based on zero-trust protocols, is a wise step for any company that finds itself grappling with a remote workforce during this time period. Copyright © 2020 Accenture. All rights reserved. 8
Copyright © 2020 Accenture. All rights reserved. Zero Trust Systems: Dynamic cybersecurity for dynamic businesses With the increasing amount of remote work generated by COVID-19 likely to continue, we expect more companies to move to zero trust systems and adaptive security. They are powered by analytics and automation and enhance the security posture of any organization. This approach is particularly effective for companies with an increasing number of system entry points. It works against opportunistic and targeted attacks, as well as trusted insiders and other insider threats. Zero trust means constant verification. Even if a user is inside a company’s network, a company will not assume it’s safe. Instead, it is provided granular user-access control as never before for authentication and verification. Unlike traditional static security approaches, adaptive security includes context-aware security access policies and controls. These shift dynamically based on the risk of every access request, and help a business detect anomalies faster and more accurately. 9
Connected car systems need to be a cyber-fortress Cybersecurity for connected vehicles involves a continuous end-to-end chain, from the service delivery platform to mobile apps to in-vehicle telemetry.AI and machine learning to help detect unknowns and anomalies within a car’s system are key—but so are advanced technologies to support the ecosystem partnership systems that created the car. And our research shows that 41% of automotive company security breaches come from indirect attacks, or hidden attacks via their ecosystem. Currently, only roughly two-thirds of automotive companies oversee the cybersecurity practices of their technology providers, auto parts providers and dealerships. Delivery and other services rank even lower.This practice leaves a huge door for cybercriminals to enter—and they are, with increasing speed and force. It’s no surprise, then, that managing security over multiple stakeholders was the top challenge auto companies cited to managing cybersecurity in their industry. Copyright © 2020 Accenture. All rights reserved. 10
A cybersecurity strategy fit for innovation Automotive companies need a cybersecurity foundation fit for purpose—and that purpose has changed.As manufacturers invest in emerging technologies and decouple their core architecture to allow for innovative collaboration, their cybersecurity strategy needs to change. Many are handling the basics well, but the business has moved beyond basic cybersecurity needs. The sophistication and severity of cyberattacks is increasing at an alarming rate, significantly impacting companies across industries.The average cost of cybercrime for an organization has increased US$1.4 million to US$13.0 million.ii Now more than ever, as auto companies move from vehicle manufacturing specialists to technology ecosystem specialists, their cybersecurity needs become far more complex and critical.A connected car stems from a web of interconnected companies with varying levels of cybersecurity expertise. “The future of the industry will be characterized by partnerships that deliver more than any one company could deliver on its own.” Accenture Tech Vision Copyright © 2020 Accenture. All rights reserved. 11
Focusing on action in a few key areas can help automotive companies advance their cybersecurity to better meet the new needs of the business: Reassess cybersecurity using an end-to-end approach. New regulations are a bellwether for things to come, holding automotive companies responsible for secure management of areas like data at rest and data in transit. Cybersecurity in an intelligent vehicle has become a matter of life or death. Look beyond traditional boundaries. Auto companies will more and more have to take cybersecurity standards and enforcement across the ecosystem and their own distributed operations into their hands to protect their own interests. Take a proactive stance with regulators and shared industry intelligence. Regulators need input from automotive companies to create standards that protect consumers but are also realistic for manufacturers. Reaching out to offer assistance and subject matter expertise helps ensure a public/private partnership for the mutual good. And industry groups like the Automotive Information Sharing and Analysis Center (Auto-ISAC) serve as a global information- sharing community to address vehicle cyber security risks. Auto-ISAC operates a central hub for sharing, tracking and analyzing intelligence about cyber threats, vulnerabilities and incidents related to the connected vehicle. The more companies that actively participate, the better the resources marshaled against cyber attackers. As cars become connected products and consumers begin to clamor for the Next Big Thing that will transform their riding and driving experience, the need to protect not only those consumers, but also their own employees and business continuity, becomes paramount. The innovation so very necessary to leapfrog the auto industry to the next level brings some very serious potential risks in the cyber realm. Automotive companies that move now to anticipate and address those risks set themselves up to move into their future more rapidly—and more safely. Copyright © 2020 Accenture. All rights reserved. 12
Contacts Brian Irwin Lead – Automotive, North America Managing Director brian.irwin@accenture.com Alberto Meneghini Automotive, Security Managing Director alberto.meneghini@accenture.com About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries—powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at www.accenture.com About About Accenture Security Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Visit us at www.accenture.com/security About About the research Accenture Research conducted its third annual cybersecurity study with 4,644 security executives in 16 countries. We collected responses from companies with $US1B+ in revenue, across 24 industries. This report is our analysis of responses from 100+ executives in the automotive industry. References i All data is from Accenture’s Cyber Resilience research, unless otherwise noted. ii “The Cost of Cybercrime,” Accenture, 2019. DISCLAIMER: This document is intended for general informational purposes only and does not take into account the reader’s specific circumstances and may not reflect the most current developments. Accenture disclaims, to the fullest extent permitted by applicable law, any and all liability for the accuracy and completeness of the information in this presentation and for any acts or omissions made based on such information. Accenture does not provide legal, regulatory, audit, or tax advice. Readers are responsible for obtaining such advice from their own legal counsel or other licensed professionals. Copyright © 2020 Accenture. All rights reserved. Accenture, its logo, and New Applied Now are trademarks of Accenture.

More Related Content

PDF
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
byBIS Research Inc.
 
PDF
Automotive Cybersecurity Best Practices
byBamboo Apps
 
PPTX
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
byHARMAN Connected Services
 
PPTX
IBM Q-radar security intelligence roadmap
byDATA SECURITY SOLUTIONS
 
PPTX
Cyber Security Threat Modeling
byDr. Anish Cheriyan (PhD)
 
PPTX
Network Security for Automotive Embedded Systems
byTonex
 
PPTX
Cyber Security for the Connected Car
byReal-Time Innovations (RTI)
 
PDF
CIA-Triad-Presentation.pdf
byBabyBoy55
 
Cybersecurity in Automotive Connected Vehicles and Growing Security Vulnerabi...
byBIS Research Inc.
 
Automotive Cybersecurity Best Practices
byBamboo Apps
 
Webinar - Automotive SOC - Security Data Analytics for Connected Vehicles
byHARMAN Connected Services
 
IBM Q-radar security intelligence roadmap
byDATA SECURITY SOLUTIONS
 
Cyber Security Threat Modeling
byDr. Anish Cheriyan (PhD)
 
Network Security for Automotive Embedded Systems
byTonex
 
Cyber Security for the Connected Car
byReal-Time Innovations (RTI)
 
CIA-Triad-Presentation.pdf
byBabyBoy55
 

What's hot

PPTX
Automotive Security (Connected Vehicle Security Issues)
byPriyanka Aash
 
PDF
SOC Certification Runbook Template
byMark S. Mahre
 
PPTX
Automotive Cybersecurity: Test Like a Hacker
byForAllSecure
 
PPTX
EDR vs SIEM - The fight is on
byJustin Henderson
 
PDF
SOC-2 Compliance Status Report sample v10.0
byMark S. Mahre
 
PDF
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
byMark S. Mahre
 
PDF
IBM QRadar Security Intelligence Overview
byCamilo Fandiño Gómez
 
PPTX
IBM Security QRadar
byVirginia Fernandez
 
PDF
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
PPTX
Security of IOT,OT And IT.pptx
byMohanPandey31
 
PDF
Industrial_Cyber_Security
byWillianMachadoFonsec
 
PDF
Cybersecurity in Oil & Gas Company
byEryk Budi Pratama
 
PPTX
Automotive Cyber-Security Insights learned from IT and ICS/SCADA
byGilad Bandel
 
PDF
ISO 27001 Certification - The Benefits and Challenges
byCertification Europe
 
PDF
1. introduction to cyber security
byAnimesh Roy
 
PDF
13 information system audit of banks
byspandane
 
PPTX
CISSP - Chapter 4 - Intranet and extranets
byKarthikeyan Dhayalan
 
PDF
NIST Cybersecurity Framework 101
byErick Kish, U.S. Commercial Service
 
PDF
IT SECURITY ASSESSMENT PROPOSAL
byCYBER SENSE
 
PDF
3rd party information security assessment guideline
byPriyanka Aash
 
Automotive Security (Connected Vehicle Security Issues)
byPriyanka Aash
 
SOC Certification Runbook Template
byMark S. Mahre
 
Automotive Cybersecurity: Test Like a Hacker
byForAllSecure
 
EDR vs SIEM - The fight is on
byJustin Henderson
 
SOC-2 Compliance Status Report sample v10.0
byMark S. Mahre
 
SOC-2 Framework - Plan, Budget, Design, Integrate & Audit Security Controls
byMark S. Mahre
 
IBM QRadar Security Intelligence Overview
byCamilo Fandiño Gómez
 
IBM Security QRadar
byVirginia Fernandez
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
byEdureka!
 
Security of IOT,OT And IT.pptx
byMohanPandey31
 
Industrial_Cyber_Security
byWillianMachadoFonsec
 
Cybersecurity in Oil & Gas Company
byEryk Budi Pratama
 
Automotive Cyber-Security Insights learned from IT and ICS/SCADA
byGilad Bandel
 
ISO 27001 Certification - The Benefits and Challenges
byCertification Europe
 
1. introduction to cyber security
byAnimesh Roy
 
13 information system audit of banks
byspandane
 
CISSP - Chapter 4 - Intranet and extranets
byKarthikeyan Dhayalan
 
NIST Cybersecurity Framework 101
byErick Kish, U.S. Commercial Service
 
IT SECURITY ASSESSMENT PROPOSAL
byCYBER SENSE
 
3rd party information security assessment guideline
byPriyanka Aash
 

Similar to Automotive Cybersecurity: Shifting into Overdrive

PDF
Security in the driver's seat: Achieving cyber resilience in automotive
byaccenture
 
PDF
CONNECTED CARS: LIFE IN THE SMART LANE
byS_HIFT
 
PDF
The Right Track for Connected Cars
byStrategy&, a member of the PwC network
 
PPTX
Automotive Cybersecurity: The Gap Still Exists
byOnBoard Security, Inc. - a Qualcomm Company
 
PDF
Car cybersecurity: What do automakers really think?
byOnBoard Security, Inc. - a Qualcomm Company
 
PPTX
Car Cybersecurity: What do Automakers Really Think?
bySecurity Innovation
 
PPTX
Digital Transformation and Data Protection in Automotive Industry
byÇukur & Yılmaz Law Firm
 
PPTX
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
byNiteshKumar958846
 
PPTX
Digital Transformation and Data Protection
bySerter Ozturk
 
PDF
Car Cybersecurity: The Gap Still Exists
bySecurity Innovation
 
PDF
Countering Cybersecurity Risk in Today's IoT World
byBrad Nicholas
 
PDF
WHITE PAPER▶ Building Comprehensive Security Into Cars
bySymantec
 
PPTX
Hacking your Connected Car: What you need to know NOW
byKapil Kanugo
 
PDF
5G and Connected Car Oppurtunities.pdf
byDSP/CSP Company
 
PDF
FASTRInfographic2017
byCraig Hurst
 
PDF
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
byBill Harpley
 
PPTX
No Safety Without Security
bySecurity Innovation
 
PPTX
Auto Dealerships Hacked, More Coming
byMike Drevline
 
PDF
Connected Cars: What Could Possibly Go Wrong
byOnBoard Security, Inc. - a Qualcomm Company
 
PDF
The New Assembly Line: 3 Best Practices for Building (Secure) Connected Cars
byLookout
 
Security in the driver's seat: Achieving cyber resilience in automotive
byaccenture
 
CONNECTED CARS: LIFE IN THE SMART LANE
byS_HIFT
 
The Right Track for Connected Cars
byStrategy&, a member of the PwC network
 
Automotive Cybersecurity: The Gap Still Exists
byOnBoard Security, Inc. - a Qualcomm Company
 
Car cybersecurity: What do automakers really think?
byOnBoard Security, Inc. - a Qualcomm Company
 
Car Cybersecurity: What do Automakers Really Think?
bySecurity Innovation
 
Digital Transformation and Data Protection in Automotive Industry
byÇukur & Yılmaz Law Firm
 
Strategy Analytics - Automotive Cyber Security - Oct 2020.pptx
byNiteshKumar958846
 
Digital Transformation and Data Protection
bySerter Ozturk
 
Car Cybersecurity: The Gap Still Exists
bySecurity Innovation
 
Countering Cybersecurity Risk in Today's IoT World
byBrad Nicholas
 
WHITE PAPER▶ Building Comprehensive Security Into Cars
bySymantec
 
Hacking your Connected Car: What you need to know NOW
byKapil Kanugo
 
5G and Connected Car Oppurtunities.pdf
byDSP/CSP Company
 
FASTRInfographic2017
byCraig Hurst
 
Connected & Autonomous vehicles: cybersecurity on a grand scale v1
byBill Harpley
 
No Safety Without Security
bySecurity Innovation
 
Auto Dealerships Hacked, More Coming
byMike Drevline
 
Connected Cars: What Could Possibly Go Wrong
byOnBoard Security, Inc. - a Qualcomm Company
 
The New Assembly Line: 3 Best Practices for Building (Secure) Connected Cars
byLookout
 

More from accenture

PDF
The Industrialist: Trends & Innovations - January 2024
byaccenture
 
PDF
The Industrialist: Trends & Innovations - September 2023
byaccenture
 
PPTX
Accenture Technology Vision - How the trends apply to higher education
byaccenture
 
PDF
The Industrialist: Trends & Innovations - July 2023
byaccenture
 
PDF
Accenture Technology Vision - How the trends apply to higher education
byaccenture
 
PDF
Engineering Services: con gli ingegneri per creare valore sostenibile
byaccenture
 
PDF
Digital Euro: Implications for the Financial System
byaccenture
 
PDF
More deals, less money: the Black founder funding journey
byaccenture
 
PDF
The Industrialist: Trends & Innovations - June 2023
byaccenture
 
PPTX
Reinventing Enterprise Operations
byaccenture
 
PPTX
Semiconductor Gender Parity Study
byaccenture
 
PDF
The Industrialist: Trends & Innovations - March 2023
byaccenture
 
PDF
Nonprofit reinvention in a time of unprecedented change
byaccenture
 
PPTX
Free to be 100% me
byaccenture
 
PDF
The Industrialist: Trends & Innovations - February 2023
byaccenture
 
PDF
Mundo gamer e a oportunidade de entrada pela abordagem do movimento
byaccenture
 
PDF
Pathways to Profitability for the Communications Industry
byaccenture
 
PDF
The Industrialist: Trends & Innovations - January 2023
byaccenture
 
PDF
Reimagining the Agenda | Accenture
byaccenture
 
PDF
Climate Leadership Eleventh Hour | Accenture
byaccenture
 
The Industrialist: Trends & Innovations - January 2024
byaccenture
 
The Industrialist: Trends & Innovations - September 2023
byaccenture
 
Accenture Technology Vision - How the trends apply to higher education
byaccenture
 
The Industrialist: Trends & Innovations - July 2023
byaccenture
 
Accenture Technology Vision - How the trends apply to higher education
byaccenture
 
Engineering Services: con gli ingegneri per creare valore sostenibile
byaccenture
 
Digital Euro: Implications for the Financial System
byaccenture
 
More deals, less money: the Black founder funding journey
byaccenture
 
The Industrialist: Trends & Innovations - June 2023
byaccenture
 
Reinventing Enterprise Operations
byaccenture
 
Semiconductor Gender Parity Study
byaccenture
 
The Industrialist: Trends & Innovations - March 2023
byaccenture
 
Nonprofit reinvention in a time of unprecedented change
byaccenture
 
Free to be 100% me
byaccenture
 
The Industrialist: Trends & Innovations - February 2023
byaccenture
 
Mundo gamer e a oportunidade de entrada pela abordagem do movimento
byaccenture
 
Pathways to Profitability for the Communications Industry
byaccenture
 
The Industrialist: Trends & Innovations - January 2023
byaccenture
 
Reimagining the Agenda | Accenture
byaccenture
 
Climate Leadership Eleventh Hour | Accenture
byaccenture
 

Recently uploaded

PDF
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PPTX
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
PDF
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PPTX
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
PDF
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
How to build hackthon projects from ZERO!
byishantyadav1111
 
PDF
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
PDF
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PDF
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PPTX
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
UiPath Automation Developer Associate Training Series 2026 - Session 1
byDianaGray10
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
TechSprint Inauguration at SJB Institute of Technology held on 18 December 2025
bysuhasspgdg
 
Computer-Based Training (CBT) The Backbone of Modern Technical & Defence Trai...
bycomputerbasedtrainin1
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
Cyber security chapter 1 for learning and educating to the students who want ...
byGulMohammadi
 
"Painless Major Upgrade: A Strategy for Updating Large Codebases", Andrii Yat...
byFwdays
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
How to build hackthon projects from ZERO!
byishantyadav1111
 
Chapter 4 Network Security in computer security
byGetnet Tigabie Askale -(GM)
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
What Thema can do: Leveraging metadata to support the discoverability of Firs...
byBookNet Canada
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
Supercharge Your Copilot-Driven Collaboration with Microsoft 365 Agents SDK
byAntti Koskela
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
Introduction to Industrial-Arts Grade 8 ppt Lesson 1
byFSBTLEDNathanVince
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 

Automotive Cybersecurity: Shifting into Overdrive

  • 1.
  • 2.
    When an industry completelyreinvents its products and its ways of doing business, it’s an exciting challenge. When it does so in the middle of a pandemic, it’s a heroic effort. The automotive industry has grappled with both scenarios in 2020. 2Copyright © 2020 Accenture. All rights reserved. Auto companies were already focused on moving to connected, clean vehicles prior to COVID-19, but have now found themselves challenged to retool and reorient to manufacture life-saving products like ventilators. The learned agility that came from their COVID-19 efforts will likely help auto companies as they revitalize post-pandemic. And as they do, they’ll need new cybersecurity measures to help them protect their new ways of doing business. Some automotive companies were already ahead of the curve in cybersecurity, according to our most recent research. Accenture’s detailed modeling of cybersecurity performance identified an elite group—just 18%i—that achieve significantly higher levels of performance in at least three of these categories:
  • 3.
    3Copyright © 2020Accenture. All rights reserved. What can other automotive companies learn from the cybersecurity Leaders in their industry? We’re glad you asked.
  • 4.
    Leaders’ investments ininnovation are working 4 While the majority of companies’ security investments are failing, Leaders have a better cybersecurity track record. One of the major reasons, according to our study, is their investments in innovation. The vast majority of automotive cybersecurity leaders spend more than 20% of their cybersecurity budgets on advanced technologies— the kind that support the innovation their company is baking into their business. Copyright © 2020 Accenture. All rights reserved.
  • 5.
    Artificial Intelligence (AI)and Security, Orchestration,Automation, Response (SOAR) technologies top the list of advanced technologies automotive cybersecurity Leaders are investing in. But others, as you can see from the chart, are contributing to their cybersecurity ranking and success. Copyright © 2020 Accenture. All rights reserved. 5
  • 6.
    Regulating vehicle cybersecurity putsheavy responsibility on manufacturers Currently, there are few legal regulations on cybersecurity in the automotive sector. In mid- 2020, Regulations (WP.29)—a working party of the Sustainable Transport Division of the United Nations Economic Commission for Europe (UN ECE)—will change that in Europe. As we write this cybersecurity report, the UN ECE will issue in late 2020 or early 2021 a regulation on cybersecurity in connected and autonomous vehicles. It provides uniform provisions for the approval of vehicles’ cybersecurity and cybersecurity management systems (CSMS). The regulation will also cover software updates and software update management systems (SUMS). WP.29 has many facets, but its major focus areas include: Increased focus on secure management across entire automotive supply chain Mandates for monitoring and incident response from the Original Equipment Manufacturer during post-production Security certifications per vehicle type High focus on securing and controlling data-at-rest and data- in-transit, especially when it comes to data regarding Personally Identifiable Information (PII) data. As the automotive industry moves more and more to connected cars, cybersecurity being in lockstep with the business becomes even more of an imperative. 6Copyright © 2020 Accenture. All rights reserved.
  • 7.
    New innovations, newchallenges Two developments open automotive manufacturers up to increasing cybersecurity challenges.The first is the more remote method of working due to COVID-19, a method that may continue for some time.And the second is the increasing business and technology partnerships automotive companies are forging as they move from producing a vehicle that is primarily of their making, to a vehicle that is a collection of software-based services and systems. Challenge 1: More remote workers Challenge 2: Connected cars The first challenge, more remote workers, is one most industries are facing. From securing personal devices and networks, to protecting collaboration technology like video- conferencing and file sharing, automotive companies will need to make some enhancements in their existing security to close gaps. It is a challenge but one where they can share solutions with thousands of companies the world over. The second challenge—connected cars—is a tougher one because it’s unique to the industry.And, it relates not only to privacy and the usual security concerns, but also to a life- or-death matter—the safety of passengers and other drivers. Copyright © 2020 Accenture. All rights reserved. 7
  • 8.
    Gearing up forremote working environments Some companies, like Accenture, were well-versed in remote working environments prior toCOVID-19. But many automotive companies were still in a traditional office structure.As a result, they have been racing to accelerate their cybersecurity protections for employees—who might previously have been concentrated in several dozen secure locations globally and are now located in thousands of unsecured home locations instead.And our survey respondents shared that the top target for cyberattacks was their corporate organization—ranging from attacks on intellectual property to employee information. Phishing by cyberespionage and cybercriminal groups, as well as nation-state-sponsored cyberthreats, are huge risks right now— particularly for companies that have not had to address at-home protection previously. Adaptive security, based on zero-trust protocols, is a wise step for any company that finds itself grappling with a remote workforce during this time period. Copyright © 2020 Accenture. All rights reserved. 8
  • 9.
    Copyright © 2020Accenture. All rights reserved. Zero Trust Systems: Dynamic cybersecurity for dynamic businesses With the increasing amount of remote work generated by COVID-19 likely to continue, we expect more companies to move to zero trust systems and adaptive security. They are powered by analytics and automation and enhance the security posture of any organization. This approach is particularly effective for companies with an increasing number of system entry points. It works against opportunistic and targeted attacks, as well as trusted insiders and other insider threats. Zero trust means constant verification. Even if a user is inside a company’s network, a company will not assume it’s safe. Instead, it is provided granular user-access control as never before for authentication and verification. Unlike traditional static security approaches, adaptive security includes context-aware security access policies and controls. These shift dynamically based on the risk of every access request, and help a business detect anomalies faster and more accurately. 9
  • 10.
    Connected car systemsneed to be a cyber-fortress Cybersecurity for connected vehicles involves a continuous end-to-end chain, from the service delivery platform to mobile apps to in-vehicle telemetry.AI and machine learning to help detect unknowns and anomalies within a car’s system are key—but so are advanced technologies to support the ecosystem partnership systems that created the car. And our research shows that 41% of automotive company security breaches come from indirect attacks, or hidden attacks via their ecosystem. Currently, only roughly two-thirds of automotive companies oversee the cybersecurity practices of their technology providers, auto parts providers and dealerships. Delivery and other services rank even lower.This practice leaves a huge door for cybercriminals to enter—and they are, with increasing speed and force. It’s no surprise, then, that managing security over multiple stakeholders was the top challenge auto companies cited to managing cybersecurity in their industry. Copyright © 2020 Accenture. All rights reserved. 10
  • 11.
    A cybersecurity strategyfit for innovation Automotive companies need a cybersecurity foundation fit for purpose—and that purpose has changed.As manufacturers invest in emerging technologies and decouple their core architecture to allow for innovative collaboration, their cybersecurity strategy needs to change. Many are handling the basics well, but the business has moved beyond basic cybersecurity needs. The sophistication and severity of cyberattacks is increasing at an alarming rate, significantly impacting companies across industries.The average cost of cybercrime for an organization has increased US$1.4 million to US$13.0 million.ii Now more than ever, as auto companies move from vehicle manufacturing specialists to technology ecosystem specialists, their cybersecurity needs become far more complex and critical.A connected car stems from a web of interconnected companies with varying levels of cybersecurity expertise. “The future of the industry will be characterized by partnerships that deliver more than any one company could deliver on its own.” Accenture Tech Vision Copyright © 2020 Accenture. All rights reserved. 11
  • 12.
    Focusing on actionin a few key areas can help automotive companies advance their cybersecurity to better meet the new needs of the business: Reassess cybersecurity using an end-to-end approach. New regulations are a bellwether for things to come, holding automotive companies responsible for secure management of areas like data at rest and data in transit. Cybersecurity in an intelligent vehicle has become a matter of life or death. Look beyond traditional boundaries. Auto companies will more and more have to take cybersecurity standards and enforcement across the ecosystem and their own distributed operations into their hands to protect their own interests. Take a proactive stance with regulators and shared industry intelligence. Regulators need input from automotive companies to create standards that protect consumers but are also realistic for manufacturers. Reaching out to offer assistance and subject matter expertise helps ensure a public/private partnership for the mutual good. And industry groups like the Automotive Information Sharing and Analysis Center (Auto-ISAC) serve as a global information- sharing community to address vehicle cyber security risks. Auto-ISAC operates a central hub for sharing, tracking and analyzing intelligence about cyber threats, vulnerabilities and incidents related to the connected vehicle. The more companies that actively participate, the better the resources marshaled against cyber attackers. As cars become connected products and consumers begin to clamor for the Next Big Thing that will transform their riding and driving experience, the need to protect not only those consumers, but also their own employees and business continuity, becomes paramount. The innovation so very necessary to leapfrog the auto industry to the next level brings some very serious potential risks in the cyber realm. Automotive companies that move now to anticipate and address those risks set themselves up to move into their future more rapidly—and more safely. Copyright © 2020 Accenture. All rights reserved. 12
  • 13.
    Contacts Brian Irwin Lead –Automotive, North America Managing Director brian.irwin@accenture.com Alberto Meneghini Automotive, Security Managing Director alberto.meneghini@accenture.com About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries—powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. Visit us at www.accenture.com About About Accenture Security Accenture Security is a leading provider of end-to-end cybersecurity services, including advanced cyber defense, applied cybersecurity solutions and managed security operations. We bring security innovation, coupled with global scale and a worldwide delivery capability through our network of Advanced Technology and Intelligent Operations centers. Helped by our team of highly skilled professionals, we enable clients to innovate safely, build cyber resilience and grow with confidence. Visit us at www.accenture.com/security About About the research Accenture Research conducted its third annual cybersecurity study with 4,644 security executives in 16 countries. We collected responses from companies with $US1B+ in revenue, across 24 industries. This report is our analysis of responses from 100+ executives in the automotive industry. References i All data is from Accenture’s Cyber Resilience research, unless otherwise noted. ii “The Cost of Cybercrime,” Accenture, 2019. DISCLAIMER: This document is intended for general informational purposes only and does not take into account the reader’s specific circumstances and may not reflect the most current developments. Accenture disclaims, to the fullest extent permitted by applicable law, any and all liability for the accuracy and completeness of the information in this presentation and for any acts or omissions made based on such information. Accenture does not provide legal, regulatory, audit, or tax advice. Readers are responsible for obtaining such advice from their own legal counsel or other licensed professionals. Copyright © 2020 Accenture. All rights reserved. Accenture, its logo, and New Applied Now are trademarks of Accenture.