Thuen said he thinks pressure will also ramp up with the adoption of cybersecurity insurance. “No companies are better at assessing risk than insurance companies,” he said, “and if anyone can figure out what activities actually make us more secure, it’s them.
“Also, a statement like, ‘Having a vulnerability assessment done on a component will reduce your premiums by X dollars,’ is an actual ROI that business leaders and policy makers can factor into their calculations.”
Of course, there is also the reality that, in the online world, nothing is bulletproof. Even Auto ISAC notes in its best practices document that, “a future vehicle with zero risk is unobtainable and unrealistic.”
But Barzilai, while he agrees with Auto ISAC, said he also believes that, “cars and drones can be hardened in a way that will make the risk of cyber hacking tamed to levels that are close to zero.”
That, he said, is because, “cars, drones and IoT devices in general, are not user-configured. They should run according to factory settings, so any foreign code or unexpected in-memory operation imply hacking attempts.”
And Grobman notes that semi- and fully autonomous vehicles are already in the works. He said the Automotive Security Review Board (Intel is a founding member), “has a vision of driving research to achieve intelligent, self-healing vehicles.”
And he said it is important to focus on the “aggregate” improvement that connected cars bring to vehicle safety, and not dwell only on a few failures.
“Just as the airline industry now relies on automation and ‘fly by wire’ to improve air safety in inclement weather, we should look forward to similar benefits in the automotive world,” he said.
Sign up for CIO Asia eNewsletters.