The automotive sector is experiencing rapid transformation, with connected vehicles becoming increasingly common. As the industry advances, it faces new challenges in cybersecurity, with the rise of software-defined vehicles and autonomous driving presenting fresh vulnerabilities. By 2030, it is expected that 95% of vehicles sold will be connected, and as digital entry points replace physical ones, securing these systems will become even more critical.
Automotive cybersecurity has evolved significantly from its mechanical roots. Initially, security focused on physical aspects, with early connected systems like infotainment units introducing new risks, such as outdated software and unsecured network connections. In those days, cybersecurity was often reactive rather than proactive. Today, the situation has become far more complex. Modern vehicles are essentially “software on wheels,” housing around 150 Electronic Control Units (ECUs) and over 100 million lines of code. This has expanded the potential attack surface, making vehicles more vulnerable to cyberattacks. With incidents such as ransomware attacks on the rise, protecting these systems has become a priority, both for regulatory bodies and for companies themselves. Regulations like ISO 21434 and UNECE WP.29 have made it clear that cybersecurity measures need to be in place across the entire vehicle lifecycle, from design to retirement.
Looking ahead, AI is set to play a crucial role in securing automotive systems. Predictive analysis powered by AI can help detect anomalies and threats before they escalate, allowing for quicker responses to potential security breaches. However, attackers are also leveraging AI to make their methods more sophisticated, meaning constant vigilance is needed. Another key development is the convergence of IT and OT (Operational Technology) security, which is essential for providing comprehensive protection across connected ecosystems. Companies like Argus Cyber Security and CyberArk are already collaborating within Microsoft’s ecosystem to offer end-to-end security solutions, covering everything from research and development to the vehicle’s eventual decommissioning.
The future of automotive cybersecurity depends on collaboration and a holistic approach. By integrating security tools and solutions, organisations can not only improve their security posture but also increase operational efficiency. This is an evolving process, with cybersecurity measures continuously adapting to keep pace with technological advancements. As the automotive industry becomes more connected and autonomous, the need for robust cybersecurity strategies has never been more pressing.
Automotive cybersecurity is not just a technical issue, but a shared responsibility. Manufacturers, suppliers, and consumers must all play their part in ensuring that security is a priority as the sector continues to evolve. As innovation pushes the boundaries of what’s possible in connected vehicles, security must evolve alongside it to safeguard the future.
Tern plc (LON:TERN) backs exciting, high growth IoT innovators in Europe. They provide support and create a genuinely collaborative environment for talented, well-motivated teams. Device Authority is focused on securing connected device ecosystems and is recognized as the global leader in Device Identity Lifecycle Management and Identity and Access Management (IAM) for the Internet of Things (IoT).
