IDC and Veracode Study Reveals Major Concerns Over Security of Connected Cars

BURLINGTON, MA--(Marketwired - Mar 1, 2016) - Veracode, a leader in protecting enterprises from today's pervasive Web and mobile application threats[1], today issued findings from a joint IDC/Veracode study that polled 1,000 drivers across the UK and Germany, revealing 50 percent of drivers surveyed are concerned about the security of driver-aid applications such as adaptive cruise control, self-parking, and collision avoidance systems, reflecting an equal level of concern with the safety of the entire vehicle. Following in-depth interviews with leading vehicle manufacturers and automotive industry representatives, IDC predicts a security lag of up to three years before systems catch up with cyber threats.

As the ability for drivers to download applications to navigate, park, communicate, conserve fuel, self-park or other driver enhancements will revolutionize the automotive sector, IDC projects the total market for automotive-related Internet of Things in 2016 is worth $140.3bn.i Yet exposing a car to the Internet makes it vulnerable to cyberattack which could render the car unstable or dangerous, such as the 2015 demonstration where a Jeep Cherokee was totally taken over by security researchers while driving at more than 70 mph on a US freeway.ii The security implications impact vehicle manufacturers, component manufacturers as well as independent software vendors (ISVs), all of whom are racing to keep up with driver demand.

As applications continue to drive greater functionality across connected devices, concerns over safety and cybersecurity become paramount for manufacturers. The research highlights several cybersecurity approaches being taken by manufacturers to reduce risk across a number of applications-driven connected car systems, including performance, dashboard and smartphone connectivity, as well as driver aids.

Combining driver sentiment with in-depth interviews from organizations such as Fiat-Chrysler, Seat, Scania, Delphi and German industry body ADAC, the paper sheds light on key questions, such as: What are the cybersecurity implications of the connected car? Who is responsible for ensuring the applications are secure? Where does product liability lie? What are the issues and approaches for personal data and privacy? Key findings include:

  • Driver downloaded applications pose security challenge. All manufacturers interviewed reported concerns around the security of critical systems being exposed to applications they did not develop, creating situations where safety of the vehicle would 'leave the control of the manufacturer'.
  • Manufacturers should be liable for safety of the connected car. 87 percent of drivers polled believe all aspects of safety -- including resiliency of applications to cyberattack -- rests with manufacturers, regardless of whether an in-car application was developed by a software company or the car manufacturers themselves.
  • Manufacturers do not feel they need to worry about driver data privacy. However, 46 percent of drivers are concerned over this issue, particularly as applications continue to integrate. For example, as navigation systems evolve to find, reserve and pay for parking automatically, the potential for leaking credit card information and other personal data arises.

"What we're seeing happen in the auto industry is a microcosm of what's happening in financial services, healthcare and virtually every other sector -- applications are not created with security in mind, creating a major area of risk," said Chris Wysopal, CTO, Veracode. "Exposing a car to the Internet makes it vulnerable to cyberattack due to poorly written software, which could render the car unstable or dangerous. Building a secure application development program is a significant challenge for manufacturers, which

Read more http://www.marketwired.com/mw/release.do?id=2101413&sourceType=3

Other news:

  1. Barcoding Specialist Acquires InSync Anywhere Practice
  2. Asset Tracking System Adds Purchase Order Approval Module
  3. Zebra Technologies Announces 2015 Fourth Quarter Financial Results
  4. Near Field Communications Used To Combat Counterfeit Products in Vietnam
  5. NFC Used to Secure and Authenticate Limited-Edition Bottles of Rare Sherry #mwc16
    1. Retailers Should Focus on In-Store Technologies to Make Experience More Seamless
    2. Retail thrives? Two articles worth reading
    3. FL, DE, OR, DC are the riskiest states for e-commerce fraud
    4. NFC Mobile Payment Users to Reach Nearly 150m Globally This Year
    5. Vendor Empowers Resellers by Streamlining the Digital Signage Sales Cycle
    6. Comments on Target's e-Commerce Surge
    7. Maarten Bais Joins Elo as Vice President of EMEA Sales