DETROIT -- If the 500-strong crowd at the Billington Global Automotive Cybersecurity Summit here today is any indication, cybersecurity now has the automobile industry’s undivided attention.
The message from speaker after speaker was simple: Global security threats are rising, and if industry, government and law enforcement don’t combine forces to counter those threats, the advances being made in connected and autonomous vehicles could be set back years.
“We know these terrorist groups have the capability. If they’re trying to get trucks to drive into crowds of civilians, it doesn’t take too much imagination to imagine they’d try to do the same thing with an autonomous vehicle,” said John Carlin, assistant attorney general for national security at the U.S. Department of Justice. Carlin was referring to the July 14 terrorist attack in Nice, France, that killed 80 people.
Carlin was one of a lengthy list of top speakers who gathered in Detroit for this event. The Billington Summit was no ordinary session of computer nerds discussing the technical aspects of writing software code and threat detection. Rather it was a high-level gathering of industry, government and law enforcement leaders, including Transportation Secretary Anthony Foxx and National Highway Traffic Safety Administration chief Mark Rosekind.
General Motors CEO Mary Barra opened the summit with a keynote speech who called for a unified response to cyber threats.
“A cyber incident is not a problem just for the automaker involved,” she said. “It is a problem for every automaker around the world. It is a matter of public safety.”
Attendees agreed that responding to cyber threats requires the sort of collaborative effort the auto industry is not always known for -- collaboration between competitors, cooperation with regulators.
The 'highest bar'
U.S. Sen. Gary Peters, D-Mich., said the auto industry has to have the “highest bar” of any industry when it comes to cybersecurity.
“If someone takes your money out of your bank account, that’s a bad thing. But if someone crashes your car into a wall, that’s catastrophic,” Peters said. “If that happens, all of the incredible things that are happening with this industry and this technology will come to a halt pretty quick.”
Dealers have major cybersecurity concerns, too. Speaking on the sidelines at the summit, National Automobile Dealers Association President Peter Welch said that dealer management systems -- which handle operations such as payroll, inventory and customer-relationship management -- are vulnerable.
The DMS systems are an area “where we have a plethora of consumer issues that need to be locked down, and we’re encountering hacking and penetration into those systems.” He said the increased use of over-the-air software updates to vehicle systems is also an issue. The recent crash of a Tesla Model S shows dealers will have to know the limitations of complex new systems in vehicles.
Sam Abuelsamid, an analyst for Navigant Research, said the size of the Billington Global Automotive Cybersecurity Summit crowd and the participation of top tier speakers show the industry has come a long way in addressing the issue.
“The change in the last 18-24 months has been dramatic,” Abuelsamid said. “We’ve gone from outright denial to acknowledging that security is the top priority for enabling all these other technologies.”
Enabling the potential
Rosekind believes autonomous vehicles have tremendous potential to save lives and that it’s urgent the industry get cybersecurity right to enable that potential.
“We cannot wait to for perfect. We will lose too many more lives while we’re waiting for perfect,” he said. “And just tying to 32,500 [lives lost last year in U.S. traffic accidents], over 2 million injuries, over 5 million crashes, the toll it takes in lives, money and our society is just tremendous. Last year the number of fatalities went up 8 percent.
“We’re in a bad place. We’re desperate for anything we can find that can save more of those lives.”