Archive for September 19th, 2017

Here Is How To Address Car Hacking Threats

When you connect a car to the Internet, it is no longer just a car: It is a computer on wheels.

For years, the security industry has asked itself, “When will cyberattacks affect the physical world?” The connected car is a clear example of where this manifests, especially as researchers release new information about vehicles’ vulnerabilities, such as my partner Marc Rogers’ and my deep dive into Tesla’s systems, or the recent Jeep Cherokee analysis, wherein researchers breached the vehicle’s drive systems from the Internet, slowing the vehicle to a crawl on a highway. Fiat Chrysler has since recalled more than one million vehicles as a result, and legislation aptly named the “Security and Privacy in your Car Act” is currently in consideration by Congress.

When a car can search Google, send tweets and be remotely accessed from a smartphone app, that car has more in common with your laptop than it does the Model T. Securing the next generation of connected automobiles means redefining what it means for a vehicle to be “road-ready.” The road-ready vehicle of the future needs cybersecurity measures beyond the traditional physical safety measures taken today.

It is inevitable that automobiles — alongside every other essential technology in our lives — become connected. Given how important cars and trucks are to both individuals and the world’s economy as a whole, it’s entirely expected that attackers will focus their energy on disrupting vehicles’ (hopefully) well-designed systems.

Thankfully, nothing catastrophic has happened yet, and the auto industry is in position to take necessary action to get ahead of this problem. However, it needs to learn from the software industry’s experience on the front lines of the Internet, something most auto manufacturers have yet to do.

For example, as part of its mission to reinvent the automobile, Tesla has taken a software-first approach to itscars. Knowing that the people will expect their car to be connected to the Internet, the conversation internally never was “when these cars become Internet-connected,” it always was “how can we build a great connected car?”

As with any software-driven product, cybersecurity must be a deliberate investment. Today, the auto industry can take three specific measures to dramatically improve the cybersecurity of its vehicles.

First, vehicles need over-the-air update systems to avoid expensive and lengthy recalls every time a security vulnerability is found. Second, manufacturers must separate infotainment systems and the critical drive systems, tightly controlling communication between them, just as commercial airliners isolate inflight Wi-Fi networks from critical avionics systems. Third, manufacturers must assume that some attacks will succeed and secure each individual software component in the vehicle, so that if an attacker compromises a single system they do not automatically get access to the entire vehicle.

While the state of automobile cybersecurity would be substantially improved if all manufacturers implemented these guidelines, they are just a start. It takes years for a company to develop a strong cybersecurity culture; even with a strong internal cybersecurity team, that team must be supported by and integrated into the organization as a whole.

Further, companies with experienced security teams look not just inside the company for support, but outside to the global community of security researchers identifying problems — and hoping to get them fixed — ahead of criminals. For example, Tesla launched a “Bug Bounty” program to encourage external security researchers to responsibly identify and help fix any security issues they uncover. I encourage all other manufacturers to follow a similar path.

Consider the consequences if the auto industry does not get security right: Manufacturers may need to issue a recall for every software vulnerability found. Recalls are a long process, and software vulnerabilities become a substantial personal safety issue, even a national security concern, if not fixed immediately. Further, if the frequency of software vulnerabilities in vehicles is anywhere near that of PCs — monthly and even weekly in some cases — recalls quickly become impractical.

I sincerely hope that all auto manufacturers proactively address cybersecurity, starting with the guidelines above, to make automobiles one of the most secure pieces of technology in our lives.

Products
September 2017
M T W T F S S
« Aug   Oct »
 123
45678910
11121314151617
18192021222324
252627282930  
  • America's Best Colleges
    Forbes' list of public and private colleges and universities ranks the best schools--from the students' point of view.
  • Twelve Nasty Work-From-Home Scams
    Does the offer of making a mint in your pajamas sound too good to be true? It surely is.
  • The World's Most Powerful Celebrities
    Oprah Winfrey takes back her crown while pop chart phenomenon Lady Gaga catapults to No. 4 on this year's Celebrity 100.
  • The World's Leading Companies
    This comprehensive report analyzes the world's biggest companies and the best performing of these titans.
  • The World's Billionaires
    Carlos Slim Helu takes the No. 1 spot on Forbes' annual list of the world's richest as a record 164 billionaires return to the ranking amid the global economic recovery.
  • 5 Fatal Sales Mistakes to Avoid
    Are you selling as much as you should be? If you're missing your sales goals, you or your employees may be making one or more of these fatal sales mistakes.
  • How to Build a Great Small Business Company Culture
    The one thing your competition can't steal or copy is your company culture. Make your small business' employees feel appreciated and valued by creating a great company culture.
  • 7 Steps to Create a Powerful Sales Presentation
    A good sales presentation can influence customers to buy from you instead of the competition. These 7 steps will help you create powerful presentations that wow customers and win sales.
  • 36 Low-Cost Ways To Promote Your Business
    36 low cost ways to promote and advertise your business. Proven marketing strategies and low-cost advertising methods for small business and home business owners.
  • 5 Ways to Predict a Trend
    Spotting a trend ahead of the competition can give you a big leg up. But how do you tell a trend from a fad? Here are five ways you can spot trends while they are still on the horizon.
NY Business