Automakers are racing to add new connectivity features and tools in their vehicles, to improve the experience for the driver. But, while connected cars promise more physical safety and improved efficiency, they are also posing a major risk to the automakers building them, according to a new report from KPMG, released Friday.
The new report–titled “Your Connected Car is Talking: Who’s Listening?”–examines the issues of cybersecurity and privacy that are prevalent in connected cars. A major incident could have long-lasting implications for the brand that suffered it, said Gary Silberg, KPMG’s national automotive leader, in a press release.
“Unlike most consumer products, a vehicle breach can be life-threatening, especially if the vehicle is driving at highway speeds and a hacker gains control of the car,” Silberg said in the press release. “That is a very scary, but possible scenario and it’s easy to see why consumers are so sensitive about cybersecurity as it relates to their cars.”
In the report, Silberg notes that our cars have “basically evolved into computers on wheels,” and that the tech powering them is “advancing by the minute.” The connected car itself is built on data, and that data itself is the most valuable part of the connected car ecosystem.
“Data is becoming a currency with actual value and must be protected. A failure to do so could have long term consequences for automakers,” Danny Le, KPMG’s automotive leader for cybersecurity services, said in a press release.
This isn’t to say that automakers can’t use connected car data, the report said. In fact, when used properly, this data can improve vehicle performance, provide better infotainment, enable business professionals to get more work done, and connect people to health systems. But, these manufacturers should focus on using data to improve safety, and they need to build a reputation as “data protectors,” according to the report. Part of the reason this is so essential, the report said, is that the potential consequences of a hack are so critical.
“At worst, a system hack can cause a crash, risking injury or death to car drivers or passengers.” the report said.
In fact, a Jeep hack last year showed that the brakes could be remotely affected, prompting FIat Chrysler to recall 8,000 SUVs. This is obviously bad business for the manufacturers. A separate KPMG report showed that 82% of consumers would be less likely to, or would never, buy from an automaker that had experienced a hack.
So, what should be done to better protect users from the dangers of connected cars? In its report, KPMG offers the following 10 best practices:
- Embed security and privacy at the earliest phases of product and software development
- Include cybersecurity in enterprise-wide risk governance
- Focus not just on the data but also on the entire ecosystem
- Be good citizens when it comes to customer data privacy
- Remember the three tenets of data security
- Prepare for emerging security risks
- Encrypt information coming into the master computer
- Test vulnerabilities
- Put safety first
- Build a “three-legged stool” of value, security, and privacy
The full report is available to read here.
The 3 big takeaways for TechRepublic readers
- While connected cars can improve the driving experience, they also create major risks for drivers and automakers, according to a new KPMG report.
- Carmakers should use data to improve safety and become known as “data protectors,” the report said.
- According to another KPMG report, 82% of customers would be opposed in some way to buying a vehicle from a company that had been hacked.