Insurance against cyber threats
Kent Eric Lång, project manager for the automotive network Vehicle ICT Arena in western Sweden, doesn’t mince words: “The automotive industry is on the verge of a fantastic transformation during the next five to ten years. As much will happen in ten years as during the previous hundred.”
What Eric Lång is referring to are the four parallel trends that together are changing the conditions for both the automotive industry and the suppliers and end-users of the products. First of all, we are well on our way to new power trains in the form of electrical operation and fuel cells. We are also seeing that automation has already begun, with vehicles increasingly taking over certain tasks and even driving themselves. Connected vehicles is the third very clear trend and this is also a prerequisite for the fourth, namely car sharing.
“On a higher level, it's about different types of mobility services. The basic concept is that you should be able to move from one place to another. It’s a waste of resources that cars are parked all day, waiting until they’re needed. Capital is unnecessarily tied up, but with connected vehicles, it's easier to optimise usage. Taken together, these four trends entail that our expectations for how cars should look and how cars should be used will evolve in the years to come.”
LOST CUSTOMER TRUST SLOWS DEVELOPMENT
The basis for the trends is in digitalisation. This is why cyber security also plays an important role for the future of the automotive industry. Customers’ trust in IT systems is essential; implementation will otherwise be significantly delayed. Here Kent Eric Lång is critical to the automotive industry’s unwillingness to take a leadership role.
“It's like all forms of insurance and threats. Everyone is afraid of being the loser and ending up with the Old Maid, in other words funding the investments necessary for protecting against the threats. This is why we find ourselves in a situation where we basically don't see anything happening until an accident has occurred.”
What we need to get past this situation are new collaborative initiatives among the stakeholders, according to Kent Eric Lång.
“Collaboration is necessary regarding investments in both technology and the methods and processes for securing the systems. No individual stakeholder wants to take on the costs for something that doesn't sell cars. The type of IT security we're talking about now should just be there; it's not a sales argument. With collaboration, we can create positive publicity about the new opportunities that improve both our lives and potentially the environment as well.”
At the same time, it can be difficult to know when security investments are at the right level. Security can be piled on to the degree that in the end, the car is no longer of practical use. When it comes to IT security however, there is a clear breakpoint.
“When security is too low, hackers will be attacking you with continuous intrusion attempts. While all are affected now and then, when you have sufficient security, it won’t be worth the time to try to crack the systems. Security is not just a matter of setting up a firewall; it concerns the entire electrical architecture from the ground up and how the connection to the vehicle is configured.”
INSURANCE PREMIUM FOR PROTECTION AGAINST CYBER SECURITY THREATS
An important step, according to Kent Eric Lång, is to agree on common terminology. This may sound like a matter of course but it is far from today's reality. Automakers, suppliers, other branches, hackers and the cyber security world all have different languages.
“Much would be gained by just being able to describe the threats in the same way. At the same time, there are good sources of inspiration. A very applicable example concerns safety, with the focus on reliability and physical assurance. Here the stakeholders have joined together and there is now a consensus that facilitates collaboration and experience exchange. Why not create a counterpart in security?”
Collaboration and cluster interaction is needed both within the automotive industry and with other branches.
“And why not collaborate with hackers? There are many skilled hackers, willing to collaborate. For many it is the challenge that attracts them; they're simply very competitive people. What I mean is that there are no absolute truths on the road ahead. What we do know however, is that the automotive industry will be changed from the ground up in the years to come and we must find forms for working together with IT security. This is the insurance premium we have pay as protection from cyber security threats.”