When Cyber Meets Automotive: Why Cybersecurity is Now a Strategic Imperative

The automotive industry stands at a defining crossroads. What was once driven by mechanical precision is now governed by lines of code. Vehicles are becoming software-defined platforms, AI and robotics power factories, and dealerships are evolving into digital ecosystems. This shift has unlocked enormous potential — but also unprecedented cyber risk.

As Keven Knight outlines in his insightful piece, “When Cyber Meets the Automotive Industry: Why Cyber Security in Automotive is Now an Imperative, Not a Choice,” the transformation sweeping across the automotive sector has turned cars, factories, and retail systems into high-value targets for cybercriminals.

From Engineering Excellence to Digital Exposure

Today’s vehicles contain dozens of Electronic Control Units (ECUs) connected through intricate networks. They receive over-the-air (OTA) software updates, communicate with infrastructure through V2X systems, and store vast amounts of driver and operational data. Each of these digital capabilities — while revolutionary — represents an open door for attackers.

The recent ransomware attack on CDK Global, which crippled thousands of dealerships across North America, illustrated the fragility of the automotive retail layer. Similarly, Jaguar Land Rover’s factory shutdown following a cyber incident revealed how even the most established manufacturers remain vulnerable. In both cases, the costs of operational disruption and data loss ran into the hundreds of millions.

Knight rightly observes that each layer of the automotive value chain carries distinct risks:

  • OEMs wrestle with software vulnerabilities and patch management.
  • Tier 1 and Tier 2 suppliers face IP theft and supply chain compromise.
  • Dealership networks depend on cloud-based platforms that can fail catastrophically if attacked.

Despite these nuances, too many organisations still rely on generic cybersecurity solutions not built for automotive realities.

The Expanding Digital Threat Landscape

The automotive ecosystem is evolving faster than most security strategies can keep up with. Decades of legacy technology now coexist with connected and cloud-native systems, creating a fragmented digital terrain that’s difficult to map or secure.

Knight identifies several key cyber drivers shaping today’s automotive risk profile:

  1. Digital Connectivity — Connected vehicles, telematics, and OTA systems expand the attack surface from the factory to the driver’s dashboard.
  2. Complex Supply Chains — With hundreds of vendors linked through shared data and systems, one breach can ripple across thousands of endpoints.
  3. Software Dependence in Dealerships — Dealer management systems (DMS) and CRM platforms now underpin customer engagement, service, and financing.
  4. Regulatory Pressure — The EU Cyber Resilience Act (CRA) and UNECE WP.29 mandate cybersecurity by design across the entire lifecycle.
  5. Brand and Consumer Trust — A single data breach or software-based recall can destroy years of brand reputation overnight.

Cars Are Now Data Centres on Wheels

The modern car is effectively a mobile computing system, constantly sending and receiving data via cellular and cloud networks. OTA updates, once hailed as a convenience, now form part of the IT/OT threat surface. If these delivery pipelines are compromised, attackers can inject malicious code or alter vehicle functions remotely.

Recent studies reveal the scale of the problem:

  • The automotive industry faced $22.5 billion in cyberattack costs in the past year.
  • Researchers have demonstrated remote exploits allowing hackers to control steering, braking, and transmission.
  • In one case, a vulnerability in Kia’s web API allowed attackers to start engines and unlock vehicles remotely.

This shift marks a new era — one where automotive cybersecurity directly intersects with physical safety.

The Factory Floor: Cyber Risk in Motion

While vehicle hacks capture headlines, the factory floor is equally exposed. The convergence of Operational Technology (OT) with traditional IT networks has unlocked powerful new efficiencies, but also new attack paths.

Manufacturing plants run on robotic arms, sensors, and PLCs that were never built with security in mind. When attackers exploit unpatched firmware or unsecured remote access, they can halt production, corrupt quality data, or even endanger workers.

According to recent industry analysis, manufacturing now accounts for over 20% of all cyber incidents, with automotive ranking among the most targeted sectors. The financial and reputational damage from even a short operational outage can be immense.

Regulation, Resilience, and Responsibility

The introduction of the EU Cyber Resilience Act represents a watershed moment for the industry. It requires every component, system, and digital service sold in the EU to demonstrate ongoing cybersecurity throughout its lifecycle. For OEMs and suppliers, this isn’t just a compliance issue — it’s a strategic imperative demanding cultural and operational transformation.

To meet this challenge, organisations must gain complete visibility of their digital assets, strengthen governance across distributed environments, and adopt proactive threat detection that aligns with how they actually operate.

Building a Resilient Future

As Knight and his colleagues at Talion argue, cybersecurity in automotive must be domain-specific and operationally embedded. Solutions such as Managed Detection & Response (MDR), Hybrid SOC operations, Threat Intelligence, and RiskAssure™ cyber due diligence offer the visibility, context, and agility needed to stay ahead of evolving threats.

Cybersecurity is no longer a bolt-on to innovation — it is the foundation upon which innovation, safety, and brand trust depend.

Because in the software-defined era of mobility, the question isn’t whether you’ll be targeted — it’s whether you’ll be ready. Have a great week!

Credit: Original article by Keven Knight, “When Cyber Meets the Automotive Industry: Why Cyber Security in Automotive is Now an Imperative, Not a Choice”, published on LinkedIn.