With vehicles getting smarter, more connected and more autonomous, vulnerability to hacking grows and the need for a cyber security plan is paramount
This feature is partner content sponsored by AUTOCRYPT
Some people predict we are living in a watershed moment. Not since mass transportation took the great leap from horse and buggy to motorcars at the turn of the 20th century has there been such a global shift in how to move humans from Point A to Point B.
With so much of the world’s attention focussed on the longest-lasting battery, the sleekest chassis and 0-60 acceleration, the issue of cyber safety in these next-generation connected vehicles — from scooter to sports car — has largely been relegated to a low hum in the background.
But all that needs to change and fast, says one leading company in the field of end-to-end mobility cyber security.
Securing the automotive ecosystem
Automotive cyber security is not just about making an individual vehicle safe. Each vehicle contains hundreds if not thousands of bridge points for a data leak — either between the parts in the car itself or between the vehicle and the outside world. Each one of these links presents a serious potential security threat. Therefore, in the cyber security space, the prism through which the issue is managed is a holistic one; when we discuss automotive security we are really talking about a secure environment.
Autocrypt is a Seoul-based organization with over a decade of experience in automotive cyber security. From securing connected highways and cars to influencing policy and regulatory development, Autocrypt has a front seat to the fast-changing world of mobile cyber security.
With clients all over the world, but previously based exclusively in Asia, now they have a Canadian branch and are eager to lend their expertise to helping Canadians stay safer on the roads.
“We are one of two companies in the world that provide end-to-end security, also for the back end and also we are good with data encryption, decryption and authentication,” says Sean Cho, director for North America at Autocrypt.
“We are dedicated to enabling the safety of autonomous, electric and connected vehicles and supporting connected road infrastructure. We see in Canada, compared to the U.S., the country is just at the very early stage of setting up infrastructure for connected road systems, autonomous vehicles and electric vehicles.”
Autocrypt bills itself as a security solution provider for the automotive ecosystem ranging from original engine manufacturers to service providers to charging infrastructure operators. They say early security interventions and building safeguards into the DNA of a connected transportation network is the most effective approach. With the Canadian sector still largely in its infancy, now is the ideal time for cybersecurity solutions to be woven into the fabric.
Building up in Canada
With clients all over the world, Autocrypt has to grapple with a variety of challenges on every file, and in countless jurisdictions. To say they are seasoned in the field is an understatement, but until quite recently they have flown under the North American radar. That all changed in 2021 when the company announced a partnership with the University of Windsor’s SHIELD Automotive Cybersecurity Centre of Excellence. It was the company’s first major move in Canada.
“Windsor SHIELD is taking care of the Canadian aspect of the cyber security of road systems,” says Cho. He also revealed the company decided their best strategic move was to start building in Canada by investing in a solid foundation: education, awareness and research.
This is what made the Windsor partnership so appealing.
“There are three things we want to do: education and consulting, defining an R&D project on in-vehicle security and hacks and real-world implementation plans,” says Cho. “We are going to begin our partnership with the introduction of the importance of security with connected road infrastructure. We are planning to have R&D and education programs for upcoming university students and then consulting for real-world implementation.”
Now, Autocrypt has roots in a leading academic centre and the comfort of knowing they are contributing to an upcoming generation of students who will be trained to fill the labour needs of the exploding cyber security field. The company will also have a hand in shaping the newest technologies of tomorrow, and embarking on the second phase and the longer-term goals of its North American expansion: future proofing.
Shaping cyber security policy
Ask any cyber security expert in the world what the number one problem in their field is and there is a high probability the answer will be a unanimous “regulations.” Cyber security deals with some of the world’s most sensitive information — financials, health, personal-identifying information, and even your home address and the locations of your children’s schools.
With so much privacy on the line, it’s not a shock that governments the world over are all writing their own rules for how data should be protected, who should be in control of it and refusing to share cyber security techniques — all at the expense of establishing a universal standard.
“Every country supports a different standard for vehicle security and infrastructure. In every single standard they address how to manage the data. Piece by piece they address it,” says Cho. “It’s almost impossible to have one single standard in the global market, even though it would be better.”
For cybersecurity experts, this patchwork of regulations has meant layer upon layer of security coding necessary to satisfy the requirements of the global market.
“When it comes to cybersecurity in the automotive sector there is not one set of regulations, so we implement a comprehensive, multi-layer defense. It’s an in-depth approach to enable security,” says Cho. “Supporting the standard is very important because if we don’t support the compliance and also the standard, we can’t even do business. Even at the R&D level there is a very critical limitation.”
The new age
Even though Canada is connected and the autonomous transportation sector may be in its infancy, Autocrypt is anticipating a major leap forward in North America. They want to be well-positioned to help transition companies into a new age of cyber security.
“Compared to five years ago and over the last year it is incomparable with respect to how much companies care about cyber security,” says Cho.
“I’d like to see the industry at a point where we can monitor the status of cybersecurity of any vehicle 24/7. So far we have found more than 10,000 hacking scenarios in electric and autonomous vehicles and I’m sure there are more. In five years there will be even more hacking scenarios. They’ll be getting better and this is something we have to anticipate and prepare for. If you don’t secure the devices there is going to be a tragedy — it’s going to be a disaster.”
To learn more about AUTOCRYPT, visit autocrypt.io.