One of the most radical changes brought on by the digital transformation in the automotive industry is the arrival of the connected car. This technology, which once seemed so futuristic, is now becoming more and more commonplace. It is very likely to become the norm over the next few years.
However, because of its reliance on the Internet, the automotive industry is one of the sectors, along with the pharmaceutical sector, that is most at risk: Accenture estimates that the automotive industry could face cybercrime costs of up to $505 billion between 2019 and 2023.
The technological leaps forward in the automotive sector – or any sector for that matter – go hand in hand with a new set of challenges, especially with regards to security.
Among the main IT security challenges for the automotive sector are:
- Cyberattacks, especially ransomware. Manufacturers and dealerships are a natural target for cyberattackers given the quantity of sensitive data that they handle, their industrial secrets, and the amount of money that moves in the industry.
- The fact that dealerships vary in size, quality, level of IT knowledge and budget adds to the challenge.
- The increased attack surface due to the proliferation of devices used in automotive companies for a range of tasks: making orders in the supply chain, quality control, and even for manufacturing the cars themselves.
- And when it comes to connected cars… Several security researchers have shown that it is possible to hack these systems. The most dramatic example of this was in 2015, when two researchers took over a connected car, taking control of the radio, the brakes, and even the steering wheel.
Given how vulnerable the sector can be, inserting malicious software could seriously endanger company operations, disrupt business, and even derail fleets of vehicles. This would of course lead to economic losses or even endanger drivers’ safety.
Case study: Nicholas Mee & Co Ltd.
The company Nicholas Mee & Co Ltd is one of the few Aston Martin specialists in the UK. It sells, maintains, restores and rebuilds some of the world’s most iconic luxury sports cars.
In order to offer its clients the most professional service possible, Nicholas Mee supports its factory-trained engineers with a range of digital tools. Tablets, smartphones and other devices are used daily to provide its employees with instant access to key information for their work: orders, availability of pieces, and information about tasks.
Using these technologies has improved the company’s service. However, it has also increased the risk of being attacked by cybercriminals who want to steal information and hold it ransom.
Nicholas Mee works with Alchemy Systems, a business IT solutions provider, to manage their wide range of end-to-end IT solutions, from Internet connection to remote desktops.
The problem
Alchemy began to detect an increasing number of attacks that were trying to infiltrate the Nicholas Mee systems. This is a common problem in the automotive industry, which is facing a daunting task when it comes to dealing with network and IT security.
Upon revising the systems currently in place, Alchemy discovered that the security solution wasn’t able to detect or block ransomware attacks. Traditional methods were not enough, and it was time to take immediate measures.
Evaluation of cybersecurity solutions
Nicholas Mee stores a large amount of sensitive data about its clients on the company systems. This means that it required a security solution capable of responding to attacks and preventing data breaches – something that became particularly pressing in light of the introduction of the GDPR in May 2018.
After analyzing the market to look for a cybersecurity solution, Alchemy decided to migrate Nicholas Mee to Panda Adaptive Defense 360. The main reason for this migration was the anti-ransomware protection that the solution provided.
Panda Adaptive Defense 360 provides visibility and total control of everything that happens on the customer’s computers. It monitors, registers, and classifies 100% of applications running on the network. This capability, along with endpoint detection and response (EDR) features, means that the solution is capable of detecting and stopping malware and ransomware, so that it cannot spread to other systems. What’s more, the system helps the company to keep its clients’ sensitive information safe and therefore to comply with the GDPR.
One major advantage for Nicholas Mee, given its extensive use of devices of all types, are the mobile device management features, which offer end-to-end control. These features mean that it is possible to manage different kinds of devices – Macs, PCs, mobile devices, and servers – all in real time. This capacity is fundamental for reinforcing the company’s security.
The solution
In the words of Nathan Mills, Director of Alchemy, “Being able to provide a ‘one-stop shop’ that’s able to manage multiple endpoints within one solution is a huge benefit for both Nicholas Mee and us as their IT support. Endpoints present the easiest way for cybercriminals to access networks and valuable information, so it was important that any new solution could monitor every device to ensure complete protection.”
“In terms of the manageability and capability of the product, there simply isn’t anything better on the market,” said Neal Garrard, Commercial Director at Nicholas Mee. “Protecting our customers’ data is vital for both business continuity and meeting GDPR regulations, and Adaptive Defence 360 has become a critical part of securing our systems across the business.”
Nathan Mills concludes, “As a reseller, Alchemy need to be able to offer
products that match the needs of our customers’ business. No other solution on the market does that better than Panda.”
Find out more information about this case study of the implementation of advanced cybersecurity here: