Page 115 - Cyber Defense eMagazine for September 2020
P. 115
looking to address this challenge, albeit gradually, the best approach is one that will see the automotive
industry building a tailored cybersecurity approach from the ground up. Instead of aiming for a one-size-
fits-all cybersecurity solution, key automotive stakeholders should embrace their differences through a
visibility-first concept that will enable each OEM to plan and execute a tailor-made cybersecurity policy
based on unique needs.
Can a customized approach really be cost-effective?
OEMs and Tier 1 suppliers differ in their approach to cybersecurity, as do their needs. While some are
focused on the deployment of basic passive security solutions, others have advanced to active measures,
each with their own approach: some OEMs and Tier 1s think that one-dimensional protection will suffice,
while others are building multi layered defense mechanisms. Though these cybersecurity end-goals are
certainly important, the process of getting there is even more so. Today’s cybersecurity solutions
undoubtedly provide real value to the ecosystem, but are inhibited by their inability to scale easily and
support different variants of vehicle models, and how each vehicle on the road may need a different
configuration. Automotive manufacturers need a diverse toolbox to protect different systems from the
vast array of potential attacks.
These tools must be as flexible as the approach itself. With a supply chain fraught with complication and
the sheer volume of vehicle makes and models, it’s essential that solutions be scalable enough to
accommodate customizations for all industry manufacturers. Although the number of requirements for
effective, scalable cybersecurity solutions is high, their cost doesn’t have to be. In fact, an approach that
creates visibility across the vehicle lifecycle will produce cost savings. Streamlined communication means
less overhead and a reduced risk of recalls, while solutions that are easily integrated into any system
cost less in the long-term, particularly those that work with any hardware solution.
Though security requirements may change throughout the vehicle lifecycle, OEMs must be able to
orchestrate, change and update security across all different models and variations, quickly and
effectively.
Security by design, customized to the automotive industry.
A tailored approach to cybersecurity embodies a new meaning of “security by design” for the automotive
industry. No, one OEM can’t act as its own supply chain, but it can tailor its implementation strategy to
match the architecture of its vehicle. Key players in the automotive industry have already started to
master the art of vertical integration. Tesla’s rapid-fire approach to innovation has served its purpose
well: they are the only automotive manufacturer to build everything from seats to computer processors
themselves, with great success. This same principle can be applied to automotive cybersecurity. While
suppliers will undoubtedly still be involved in the process, how can OEMs vertically control cybersecurity
by leveraging a solution such as the one deployed by Elon Musk, and Tesla?
Typically, for any OEM, cybersecurity principles remain the same. Security and safety goals are still
aligned, but the means of implementation are fundamentally different due to the solutions, vehicle
Cyber Defense eMagazine – September 2020 Edition 115
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
