In recent years, the importance of cybersecurity has already found its way into the annual reports of major companies in the automotive and technology industries. Several high-profile attacks have affected the business performance of the affected companies and damaged corporate reputations. For example, a cyberattack in 2015 led to a recall of nearly 1.5 million vehicles. As a result, an estimated cost of around 600 million US dollars was incurred and the OEM affected suffered an estimated loss of its stock market value of 4 billion US dollars.
As vehicles become more complex, the risk of such events increases in the future. In addition, consumer information increasingly stored and retrievable in the vehicle attracts cyberattacks.
"Cybersecurity will play an increasingly important role for global automakers in the coming years - especially in light of increasingly connected and automated vehicles," says Mayank Agochiya, managing director of FEV Consulting, Inc.
Furthermore, cybersecurity measures also represent an opportunity for differentiation. As vehicle owners and users are offered highly integrated connectivity features, trust will play an important role in adoption in this context.
The mobility industry will therefore increase its focus on cybersecurity. Thus, compliance with most cybersecurity regulations and standards (including ISO 21434) is expected to be targeted for all vehicles with market introduction in 2025. With the entry into force of UNECE WP.29, cybersecurity will even become a mandatory aspect of type approval in 54 countries before 2025.
"To meet these requirements, OEMs and suppliers need to act early to be ready to act by 2025 at the latest," says Agochiya. "This requires building complex cybersecurity organisations, resources and processes by the end of 2022. With our SPORT framework, this is exactly where we come in and support our customers in developing secure vehicles."
The FEV SPORT framework - SPORT stands for "Strategy, Process, Organisation, Resources and Technology" - was developed to address the topic of cybersecurity holistically. The "strategy" aspect takes