Data collected through connected cars will present automakers with tremendous business opportunities to enhance customer experiences while at the same time also posing inherent risks, according to a new KPMG report, Your Connected Car is Talking: Who's Listening?
KPMG's national automotive leader, Gary Silberg, notes that, while OEMs can use data collected through connected vehicles to optimise performance, reliability and safety of vehicles they produce, failure to get cyber-security right could have a
Data collected through connected cars will present automakers with tremendous business opportunities to enhance customer experiences while at the same time also posing inherent risks, according to a new 1981 KPMG report, Your Connected Car is Talking: Who's Listening?
KPMG's national automotive leader, Gary Silberg, notes that, while OEMs can use data collected through connected vehicles to optimise performance, reliability and safety of vehicles they produce, failure to get cyber-security right could have a lasting impact on brand.
"Unlike most consumer products, a vehicle breach can be life-threatening, especially if the vehicle is driving at highway speeds and a hacker gains control of the car," says Silberg. "That is a very scary, but possible scenario and it's easy to see why consumers are so sensitive about cyber-security as it relates to their cars."
In a separate recent report, KPMG research of 450 consumers found that 82 per cent would be wary of buying a car from an automaker if they had been hacked. Despite the strong sentiments among consumers about hacking, that same report also found that two-thirds of automakers hadn't invested in information security over the past year.
"The newest asset in the automotive world is data," said Danny Le, KPMG's automotive leader for Cyber Security Services. "Data is becoming a currency with actual value and must be protected. A failure to do so could have long term consequences for automakers."
KPMG suggests 10 initiatives for automakers to consider when trying to balance the potential business opportunities while recognising the risks associated with mishandled or compromised information. These include embedding security and privacy at the earliest phases of product and software development and including cyber-security in enterprise-wide risk governance. They also suggest focusing on not just on the data but also on the entire network, preparing for emerging security risks, encryption of information coming into the master computer and testing vulnerabilities, among others.
KPMG's national automotive leader, Gary Silberg, notes that, while OEMs can use data collected through connected vehicles to optimise performance, reliability and safety of vehicles they produce, failure to get cyber-security right could have a lasting impact on brand.
"Unlike most consumer products, a vehicle breach can be life-threatening, especially if the vehicle is driving at highway speeds and a hacker gains control of the car," says Silberg. "That is a very scary, but possible scenario and it's easy to see why consumers are so sensitive about cyber-security as it relates to their cars."
In a separate recent report, KPMG research of 450 consumers found that 82 per cent would be wary of buying a car from an automaker if they had been hacked. Despite the strong sentiments among consumers about hacking, that same report also found that two-thirds of automakers hadn't invested in information security over the past year.
"The newest asset in the automotive world is data," said Danny Le, KPMG's automotive leader for Cyber Security Services. "Data is becoming a currency with actual value and must be protected. A failure to do so could have long term consequences for automakers."
KPMG suggests 10 initiatives for automakers to consider when trying to balance the potential business opportunities while recognising the risks associated with mishandled or compromised information. These include embedding security and privacy at the earliest phases of product and software development and including cyber-security in enterprise-wide risk governance. They also suggest focusing on not just on the data but also on the entire network, preparing for emerging security risks, encryption of information coming into the master computer and testing vulnerabilities, among others.
