According to Automotive News, «a dealership is a treasure trove for hacking: on an average day, 153 viruses and 84 malicious spam emails are blocked by technology on a dealerships network”. Now put this finding in the perspective of what we recently learned about online access to thousands of video calls. Today, when business has gone online more than ever, cybersecurity and data security of business users and clients is of particular concern.
Car dealers, like most companies, face a list of usual-suspect cyber threats. They also face industry-specific threats growing out of new personal-mobility concepts and car connectivity. According to a Ponemon Institute study from 2018 titled “Securing the Connected Car: A Study of Automotive Industry Cybersecurity Practices”, fewcar dealers have an established cybersecurity team, and most lack adequate security protocols.
Here are a few other alarming findings of the study:
The upshot of all of these findings is that poor car cybersecurity can compromise the safety of car owners and their information and may lead to exposure to potential legal liability.
There are many ways for car dealerships to get cyber safe, one very simple and efficient one is installing a ready-made connected car solution.
As an example, our company is ISO 27001 certified. ISO 27001 is an information security management system published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission. Companies can only become certified after passing an audit that ensures they have a robust system in place for identifying security risks and vulnerabilities. They must also design security controls to address known risks and develop management processes to ensure information security on an ongoing basis. Zurich Connected Cars’ ISO 27001 certification represents our commitment to protecting our customers with advanced cybersecurity protocols.
With poor cybersecurity, hackers may gain access to more than just sensitive information - they could also access vehicle telematics. Losing control of such systems while a vehicle is in operation is a major safety concern and could result in a liability risk. In this case, it is also important to check the device certification. Zurich Connected Cars OBD2 device and the manufacturing facilities that make our devices also undergo stringent quality controls to ensure maximum cybersecurity. Our devices are automotive compatible and the vehicle communication module (CAN module) is ISO 16845 certified. Hardware is produced in a TS/IATF 16949 certified facility.
Again, when it comes to customer security, a well-known and respected vendor may help. Our cloud services are based on Microsoft Azure, trusted by 95% of Fortune 500 companies. They spend over $1 billion each year to protect customer data from cyber threats and have over 90 compliance offerings, the largest in the industry.
The market is seeing more and more high-quality security systems that provide serious security measures, but user and consumer behavior are still lagging behind. The weakest link in the world of information security is the individual user. Zurich Connected Cars permanently conducts internal security audits, and among other functions, Zurich Connected Cars is investigating incidents, improving the information security management system and raising staff awareness in terms of security. We aim to focus on cybersecurity in all what we do and continue to keep our software and equipment updated and secure.