| Description |
Digital attacks are becoming vastly common, and global events like the COVID-19 pandemic only press the accelerator pedal further. Cybersecurity regulations enforce security standards for a given industry but are slow to do so for emerging vulnerabilities. The automotive industry is a novel and critical example as vehicles become increasingly connected to and dependent on the internet. This paper addresses the need for global, rather than currently regional, regulation of automotive cybersecurity. Considering the immense risks of user information, particularly location data, and even compromising a driver's control of a vehicle, the paper explores the challenges of regulating companies from around the globe to mitigate such risks. Through synthesizing existing regulations, regulations of other industries, and the present threat landscape, the paper reports on the gap between current automotive cybersecurity regulations and what is necessary to best maintain the confidentiality, integrity, and availability of information produced and accepted by connected vehicles. The paper stresses the implications of such attacks and their scale, which incorporates not only those in a connected vehicle but also those sharing the road and the nearby area. Findings include how global cybersecurity regulations in other sectors may apply to automobiles, the nuances of regulating the industry, and key recommendations. |
