Subscribe
Share
Share
Embed
As cars become smarter and more connected, the demand for top-tier automotive cyber security has never been higher. With expert insights from PlaxidityX, a leading automotive cyber security company, we’ll guide you through the challenges and solutions protecting millions of vehicles worldwide. Whether you’re an industry expert or just curious about how cars are secured in the digital age, this podcast comprehensively looks at how cyber defenses are developed, tested, and deployed.
We don’t just talk about the technology; we talk about what it means for you—the driver, the manufacturer, the tech enthusiast. We explore how automotive cyber security solutions are applied in real-world scenarios to safeguard everything from onboard infotainment systems to critical vehicle control units.
Tune in to gain a deeper understanding of how manufacturers are staying one step ahead of hackers and ensuring a more secure, connected world.
00:00:00:09 - 00:00:03:12
Welcome to cars, hackers and cybersecurity.
00:00:04:01 - 00:00:07:01
Here we break down the latest in automotive cybersecurity,
00:00:07:01 - 00:00:10:16
helping you stay ahead in building secure connected vehicles.
00:00:12:22 - 00:00:23:01
Hi. Today we'll explore how a joint MDR service by Plex City and Everton is redefining automotive cybersecurity shielding vehicles from evolving threats.
00:00:23:12 - 00:00:49:20
Connected cars and software-defined vehicles are revolutionizing the way we drive. While new technologies enhance our driving experience and improve safety, increased vehicle connectivity also exposes cars to greater cybersecurity risks. By exploiting software vulnerabilities, bad actors can compromise safety-critical systems, for example, breaking access to personal data or even starting a car from a remote location.
00:00:49:22 - 00:01:12:16
This was demonstrated in the infamous Tesla hack, where a 19-year-old IT specialist exploited a vulnerability in a third-party app to gain remote control of multiple vehicle functions. The latest trend in car theft, a hacking technique known as CAN injection, allows thieves to unlock, start, and steal a car in under two minutes without access to a key.
00:01:13:11 - 00:01:17:01
How data privacy regulations affect OEMs.
00:01:17:21 - 00:01:45:06
Data privacy is a key aspect of vehicle connectivity. Car data can help OEMs understand their customers better but also poses ethical and legal challenges. OEMs need to comply with data protection laws such as GDPR and CCPA that require consent, security, and transparency when handling personal data from vehicles. By following data privacy regulations, OEMs can avoid risks and build trust with their customers.
00:01:45:08 - 00:02:01:23
They can also use data privacy as a way to innovate and differentiate their products and services. By applying privacy-by-design principles and reliable security solutions, OEMs can create more user-centric and secure solutions that meet customer expectations.
00:02:02:24 - 00:02:06:04
Why OEMs need a vehicle security operation center.
00:02:06:20 - 00:02:17:08
Cyberattacks on vehicles have significant financial impacts on OEMs, from costly recalls and regulatory issues to liability and reputation damage.
00:02:17:10 - 00:02:47:20
Cyber-enabled car theft also means more claims against insurance companies, which in turn are raising their premiums for consumers and fleet operators. Reflecting these real threats, new automotive cybersecurity regulations, such as UNR 155, require OEMs to implement systems to detect, monitor, investigate, and respond to cyberattacks. By July 2020, all new or existing vehicle types will be subject to UNR 155 type approval for cybersecurity.
00:02:47:22 - 00:02:58:14
As a result, OEMs are ramping up their cybersecurity capabilities and implementing systems to help them comply with emerging automotive cybersecurity regulations and standards.
00:02:58:14 - 00:03:03:00
Over the past few years, OEMs have come to realize that their existing IT SoCs
00:03:03:00 - 00:03:22:08
are not yet optimized to handle the scale, complexities, and challenges of automotive cybersecurity. These include the need to protect millions of endpoints, 12 to 15-year vehicle lifespans, a highly complex supply chain, stringent compliance requirements, and a costly mitigation process.
00:03:22:10 - 00:03:45:10
Most importantly, unlike IT cyberattacks that target networks and data, the implications of an automotive cyberattack can be potentially life-threatening. Just imagine a scenario where a malicious hacker compromises a vehicle's braking system. With lives at stake and millions of connected vehicles already on the road, OEMs require managed detection and response (MDR)
00:03:45:10 - 00:03:46:11
solutions to monitor fleets in real time and detect potential threats before they impact the vehicle.
00:03:52:09 - 00:03:56:01
Accordingly, OEMs are building dedicated vehicle SoCs or
00:03:56:01 - 00:03:56:23
VSoCs
00:03:56:23 - 00:04:00:24
to monitor, investigate, and respond to cyberattacks in real time.
00:04:00:24 - 00:04:03:23
The solution: Streamlined MDR service
00:04:03:23 - 00:04:06:05
tailored for automotive cybersecurity.
00:04:06:13 - 00:04:09:00
Combining expertise for unmatched protection,
00:04:09:08 - 00:04:31:02
Eviden and Plaxidity have joined forces to deliver a best-in-class, end-to-end MDR service specifically designed for automotive cybersecurity. This comprehensive solution seamlessly integrates Plaxidity X's deep understanding of automotive vulnerabilities and technology with Eviden's proven managed detection and response expertise.
00:04:31:17 - 00:04:34:00
Enhanced visibility and threat detection.
00:04:34:07 - 00:04:56:08
The service leverages Plaxidity X's vehicle SIM alongside a wealth of automotive-specific use cases, playbooks, and 100+ AI models with Eviden's MDR platform, ISAAC Cyber Mesh, to maximize threat detection and visibility across entire vehicle fleets. The VCM from Plaxidity X is integrated with ISAAC,
00:04:56:12 - 00:05:05:05
where it ingests vast amounts of data from millions of sensors and components, utilizing advanced AI/ML and big data algorithms to analyze potential cyber incidents.
00:05:05:07 - 00:05:13:15
This in-depth analysis provides crucial context, pinpointing the attack source, breach location, potential impact, and more.
00:05:14:02 - 00:05:39:18
Proactive threat hunting and rapid response. Eviden's MDR service goes beyond passive detection, with continuous threat hunting across multiple vectors, including users, networks, cloud, and data centers. Its arsenal of over 100 AI models, coupled with Amazon Bedrock's generative AI engine, accelerates investigation and response orchestration.
00:05:39:20 - 00:05:47:00
Additionally, the joint solution with Plaxidity X enables swift containment of threats to minimize potential damage.
00:05:47:07 - 00:05:50:12
Expert collaboration for unbeatable defense.
00:05:50:19 - 00:06:13:08
The MDR service draws upon Eviden's team of elite security professionals, including threat hunters, forensic investigators, ethical hackers, and incident responders, who collaborate seamlessly with Plaxidity X's automotive cybersecurity researchers. This expertise ensures comprehensive threat detection and response for OEMs of all sizes.
00:06:13:18 - 00:06:15:15
Global support and scalability.
00:06:15:20 - 00:06:21:02
Eviden's robust operational infrastructure, featuring 16 next-generation
00:06:21:02 - 00:06:21:20
SOCs,
00:06:21:20 - 00:06:53:02
strategically located worldwide, ensures unwavering support for any OEM, regardless of scale or location. In essence, Eviden and Plaxidity offer an unparalleled MDR solution tailored to the unique demands of automotive cybersecurity. This collaboration delivers enhanced visibility, proactive threat hunting, rapid response, and expert guidance, empowering OEMs to confidently navigate the ever-evolving landscape of cyber threats.
00:06:53:15 - 00:06:54:22
The Secret Sauce.
00:06:54:22 - 00:07:22:08
Automotive know-how, best-in-class technology, processes, and skilled resources are important, but the secret ingredient for a truly effective VSoC service is automotive know-how. A deep understanding of vehicle architectures, protocols, and networks, together with experience in cyber technologies and research, is essential for knowing what data to assess to deduce actionable insights related to cyber risk.
00:07:22:10 - 00:07:32:18
Our joint automotive MDR offering reflects deep automotive know-how gained through over 600+ person-years in automotive cybersecurity technologies and research.
00:07:32:18 - 00:07:41:12
This domain knowledge and Eviden's deep industry expertise in its SOCs result in a high rate of detection with minimal false positives.
00:07:42:06 - 00:07:44:18
Eviden and Plaxidity X: Better Together.
00:07:45:05 - 00:07:47:08
Eviden and Plaxidity
00:07:47:08 - 00:07:54:22
offer OEMs a comprehensive VSoC MDR service, including threat hunting, incident management, and SOC operations.
00:07:54:22 - 00:08:08:13
Combining Eviden's cybersecurity and SOC expertise with Plaxidity X's in-depth automotive cybersecurity knowledge, this partnership creates a best-of-breed solution that meets the evolving cybersecurity needs of the automotive industry.
00:08:08:13 - 00:08:16:08
This joint solution enables vehicle manufacturers to proactively detect and respond to ever-increasing cyber threats,
00:08:16:08 - 00:08:20:23
reducing risks and helping them comply with new automotive cybersecurity regulations.
00:08:22:09 - 00:08:28:07
That's all for today's episode. Keep your engines running smooth and your cyber defenses sharp.
00:08:28:07 - 00:08:32:20
Stay connected by subscribing and visiting PlaxidityX.com.
00:08:32:20 - 00:08:36:20
Until next time, stay safe on the road and in the cloud.