Cybersecurity in Automotive - Thematic Research

Cybersecurity in Automotive - Thematic Research

Summary

The global cybersecurity industry will grow from $125.5 billion in 2020 to $198.0 billion in 2025 at a compound annual growth rate (CAGR) of 9.5%, according to GlobalData forecasts. Since the infamous Jeep hack reported by Wired in 2015, the automotive industry has been painfully aware of the importance of cybersecurity. The ongoing burden of cyber breaches and cyberattacks will fall on car manufacturers since their systems and software will be at fault. Over the next few years, the implementation of standards and regulations will help automotive companies implement best practices.

Cybersecurity is the body of technologies, processes, and practices designed to protect networks, computers, programs, and electronic data from attack, damage, or unauthorized access.

The global cybersecurity industry will grow from $125.5 billion in 2020 to $198.0 billion in 2025 at a compound annual growth rate (CAGR) of 9.5%, according to GlobalData forecasts.

Cybersecurity is crucial for all automotive businesses

We are entering the Code War era, where every digital device, no matter how small, can be weaponized. Cybersecurity in vehicles has to be extensive, defending both the frontend and backend of vehicle systems and all the infrastructure upon which connected cars rely.
Original equipment manufacturers (OEMs) have to deal with human ingenuity that goes far beyond known threats. The enormous cost of infrastructure and resources needed to engineer and test cybersecurity for vehicles puts many OEMs on the back foot. With an estimated 300 million lines of code expected in a Level 5 autonomous vehicle, there will be an estimated 180,000 bugs in the code, amounting to some 15,000 security vulnerabilities. The importance of comprehensive cybersecurity in automotive cannot be overstated.
In automotive, cybersecurity is still in its infancy
The core competencies of OEMs cover the design, development, and production of components. Cybersecurity is not a core competence, meaning they lack the technical expertise required to implement effective cybersecurity measures. This leads to outsourcing, with OEMs often meeting only the most basic cybersecurity requirements to save on cost.
With the UN Economic Commission for Europe (UNECE) Regulation 155 coming into force in July 2022, the development of the ISO/SAE 21434 standard, and countries from the US to China adopting local regulations and oversight, there is a real requirement for manufacturers to get up to speed on cybersecurity, and to do so quickly.

Leaders and challengers

Below we list some of the leaders and challengers in cybersecurity across the automotive ecosystem.

OEMs

Leaders: BMW, General Motors, Hyundai, Mercedes-Benz.
Challengers: Kia, Lexus, Mahindra & Mahindra, Subaru, Suzuki.

Suppliers

Leaders: Aptiv, Continental, Denso, Infineon, Johnson Controls, Valeo.

Challengers: Aisin, Bosch, Faurecia, Mahle, Veoneer, ZF.Specialist vendors and service providersLeaders: Argus Cyber Security, Cybellum, Horiba Mira, Karamba, Majenta Solutions, Upstream Security, WISeKey.

Key Highlights

• The cybersecurity vulnerabilities specific to the auto industry are numerous. Hackers could compromise the safety and advanced driver assistance systems (ADAS) of a vehicle in use or, worse, manipulate any autonomous functionality to directly cause a crash. Bad actors could also access vehicle occupants’ private information such as current location, previous GPS destinations, or smartphone contacts. As automakers increasingly rely on over-the-air (OTA) updates to remotely add or upgrade vehicle features, cybersecurity efforts will be needed to ensure these methods are insulated from threat actors.
• At a higher level, automotive companies are also at risk of industrial cybercrime, such as the theft of valuable tech secrets or damage to their digital infrastructure. Insurance firm Munich Re expects global cybercrime damage across all industries to reach $10.5 trillion by 2025 compared to $6 trillion in 2021. The risk of cybercrime in the automotive industry continues to grow as vehicles become more connected and introduce more digital functions. Cybercrime already poses a significant threat to automotive players, with the well-known case of the Landwind X7 copying the design of the Range Rover Evoque being a prime example.
• Ransomware attacks impacted Honda, Volkswagen (VW), Peugeot, and Kia across 2020 and 2021, with other OEMs suffering data breaches. Many of the largest OEMs are still woefully unprepared, as demonstrated by a 2021 CyberAware survey of the 14 OEMs responsible for $1.1 trillion in car industry revenue annually. CyberAware identified over 800,000 unprotected documents hosted on exposed servers, clouds, and databases, with 215,000 employees having exposed or compromised credentials. The exposed information included commercial details, email exchanges, contracts, invoices, and technical data.

• The detailed value chain comprises 14 segments, ranging from chip-based security to identity management, network, endpoint, cloud, and application security, and services such as managed security, post-breach response, and risk and compliance. Leading and challenging vendors are identified across all 14 segments.
• Challenges the automotive sector is currently facing are outlined, and the ways they impact cybersecurity are addressed.
• Details of specific use cases of cybersecurity in the automotive sector are given,
• Forecasts are given for cybersecurity revenues to 2025 split by software, services, and hardware. Comprehensive industry analysis is also provided, looking at patent, company filing, hiring, and social media trends related to cybersecurity in the automotive sector.
• It contains details of global M&A deals driven by the cybersecurity theme, and a timeline highlighting milestones in the development of cybersecurity.

• Understand the impact cybersecurity is having in the automotive space. Identify the emerging trends in the theme and how these developments might advance in the future. Learn about the different use cases and where they are emerging. View market and forecast data for the sector.
• Source the leading vendors for cybersecurity in the automotive industry from our winners lists and shortlist potential partners based on their areas of expertise.
• Quickly identify attractive investment targets by understanding which companies are most advanced in the themes that will determine future success in the automotive industry.
• GlobalData’s thematic research ecosystem is a single, integrated global research platform that provides an easy-to-use framework for tracking all themes across all companies in all sectors. It has a proven track record of identifying the important themes early, enabling companies to make the right investments ahead of the competition, and secure that all-important competitive advantage.