Government issues new guidelines to boost cybersecurity in connected cars and protect people’s personal data
Technology is rapidly changing the car industry. But while it’s easy to get excited about how the new generation of smart cars predict routes and notify drivers about accidents, internet-connected vehicles also run the risk of being hacked by outsiders. In order to ensure the safety of the drivers, the government has issued new cybersecurity guidelines to connected and autonomous vehicle manufacturers.
Issued by the Centre for the Protection of National Infrastructure and the Department for Transport, the new cybersecurity principles for connected and automated vehicles state that security is a board-level responsibility. Not only does this mean that car-company leaders have to ensure that the business is promoting cybersecurity but it also means that board members can be held responsible in case of breaches. And the manufacturer isn’t alone in that responsibility: the guidelines encourages all organisations in the supply chain – including third parties and contractors – to work together to ensure passengers’ safety by improving digital security.
To make it even more difficult for outsiders to access data or to take control of smart cars, the guidelines state that the manufacturer should take an in-depth approach to cybersecurity. This includes responding accordingly to attacks, to limit potential breach points and to enable users to control storage and validate transmissions themselves. Finally, manufacturers are urged to keep up to date with and respond to new threats even after a vehicle has left the factory. In other words, organisations must provide product aftercare and ensure systems are secure over their lifetime by constantly updating them.
Commenting on the new guidelines, Martin Callanan, the transport minister, said: “Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low but we must make sure the public is protected. Whether we’re turning vehicles into wifi-connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks. That’s why it’s essential all parties involved in the manufacturing and supply chain are provided with a consistent set of guidelines that support this global industry.”
Given these guidelines and the upcoming Autonomous and Electric Vehicles Bill announced in the Queen’s speech this summer, it’s safe to say that the government is taking the future of cars quite seriously.