search.noResults

search.searching

saml.title
dataCollection.invalidEmail
note.createNoteMessage

search.noResults

search.searching

orderForm.title

orderForm.productCode
orderForm.description
orderForm.quantity
orderForm.itemPrice
orderForm.price
orderForm.totalPrice
orderForm.deliveryDetails.billingAddress
orderForm.deliveryDetails.deliveryAddress
orderForm.noItems
Security & Monitoring


Why automakers shouldn’t reinvent the wheel on cybersecurity and data privacy


By Niclas Gyllenram, CEO of AiDEN Auto T


he modern car is no longer just a vehicle—it’s a rolling computer, packed with sensors, software, and connectivity that rivals smartphones and laptops. While this brings exciting new capabilities, it also introduces serious cybersecurity and data privacy concerns. The auto industry is waking up to these challenges, but there’s a temptation to solve them in a vacuum, creating custom-built security frameworks from scratch.


That’s a mistake.


Cybersecurity isn’t a new problem. Industries like finance, healthcare, and IT have spent decades refining best practices for protecting sensitive data and critical systems. Automakers don’t need to reinvent the wheel; they need to adopt and adapt proven security models that have already been tested under fire. Let’s look at some of the key lessons the auto industry should take from these other sectors and why they’re critical for keeping connected vehicles safe.


Understand your risks before you build solutions


Before automakers start implementing security solutions, they need to take a step back and conduct thorough risk assessments. What data are they collecting? Who has access to it? How could a bad actor exploit the system? These are the kinds of questions financial institutions and government agencies have been asking for years. A connected car is more than just a data- collection device—it’s a potential attack vector. The National Highway Traffic Safety Administration (NHTSA) has outlined best practices that include creating multiple layers of protection and continuously evaluating threats. The auto industry should take this to heart and build cybersecurity into the entire vehicle development process, rather than treating it as an afterthought.


Enforce strong access controls One of the biggest security failures across industries comes from weak or


20 March 2025


mismanaged access controls. Banks don’t let just anyone access customer accounts, and automakers shouldn’t allow open- ended access to vehicle data either. Using multi-factor authentication (MFA) and strict role-based access controls (RBAC) should be standard practice for any system handling connected vehicle data. This means not only securing vehicle-to- cloud communication but also ensuring that internal teams and third-party partners have limited, need-to-know access to sensitive information. The Cybersecurity and Infrastructure Security Agency (CISA) has long championed these strategies, and the auto industry should follow suit.


Keep software up to date—always If there’s one thing automakers should learn from the IT sector, it’s that outdated software is an open invitation for hackers. Microsoft, Apple, and Google push frequent updates for a reason: to patch vulnerabilities before they


Components in Electronics


can be exploited. Cars should be no different. Unfortunately, the auto industry moves at a glacial pace compared to tech companies. Many vehicles on the road today are still running software that was developed years ago, with no clear update plan in place. This needs to change. Over-the-air (OTA) updates should be mandatory, and manufacturers must commit to long-term software support - not just for new models, but for older vehicles still in circulation.


Encrypt everything, everywhere When financial institutions store sensitive customer data, they encrypt it. When you send a private message on your phone, end-to-end encryption ensures that only the recipient can read it. The auto industry must adopt the same mindset. Vehicle data - whether it’s telemetry, GPS location, or driver preferences - should be encrypted both in transit and at rest.


This means that even if a hacker intercepts data, they won’t be able to read or manipulate it. Anonymization techniques can add another layer of protection, but encryption should be the foundation of any automotive data security strategy.


Train employees - because humans are the weakest link


One of the most overlooked aspects of cybersecurity is employee education. Hackers don’t just rely on technical exploits - they target people. Phishing attacks, social engineering, and insider threats can compromise even the most secure systems if employees aren’t trained to recognise them. Every automaker and supplier should implement ongoing cybersecurity training programmes, just like banks and healthcare organisations do. Employees need to understand how to identify suspicious activity, avoid phishing scams, and follow best practices for data protection. The


www.cieonline.co.uk


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56