The automotive industry is no stranger to the challenges of business resilience and safeguarding design and manufacturing processes. Crucial security concerns, including protecting sensitive data and intellectual property, maintaining critical systems and ensuring swift disaster recovery are paramount. Now the sheer scale and pace of development of cyber crime are leaving businesses struggling to maintain effective defences. Nearly 70% of organisations have been breached by cyber attacks at least once in the past year, according to Forrester.
The complexity of global supply chains and the connectivity of modern vehicles make the automotive industry a perfect target for cyber attacks. Recent research from Kaspersky suggests that almost two-thirds (64%) of automotive industry leaders believe their supply chain is vulnerable to cyber attack at almost every stage of vehicle production. Concerns around over-the-air updates, infotainment systems and vehicle-to-vehicle communications have proven to be well founded, reinforcing safety fears about autonomous vehicles. Moreover, the risk of consumers’ data being compromised grows as connectivity increases.
Now the sheer scale and pace of development of cyber crime are leaving businesses struggling to maintain effective defences
Behind the cyber security curve
Recognising growing cyber risk, new international legislation comes into force from July 2024 to improve cyber security measures across the entire automotive sector. Under the new UN155 and 156 regulations, all original equipment manufacturers (OEMs) and supply chain partners must implement cyber security solutions to protect against cyber attacks throughout the full vehicle lifecycle, from development and production through to customer-use.
However, research indicates that the automotive sector is ill prepared to comply with these regulations. Two in five (42%) C-level decision makers are ‘without a plan’ to meet the deadline, and a further two thirds (63.5%) are ‘not very involved in planning’ for compliance, despite recognising its importance. With the potential for a cyber security compromise to result in loss of life, the consequences for automotive manufacturers have been made deliberately are severe—failure to comply could lead to vehicle production being shut down.
Confronting challenges
The unpleasant truth is that cyber risk is accelerating at a higher rate than investment on cyber defences. Easy-to-use portals and Ransomware-as-a-Service (RaaS) operating models have been the catalyst for a rapid rise in cyber attacks, and AI-driven developments are further exacerbating the problem.
In the face of ever-growing cyber risk, increasing IT infrastructure complexity is making it harder than ever for businesses to secure corporate systems. Traditional on-premise workstations and other user devices pose a substantial risk to continuity and security: they’re expensive and time-consuming to procure, maintain and update. According to Arctic Wolf, 45% of incidents in 2023 could have been mitigated through available security patches.
The shift towards flexible work patterns has only aggravated the issue. Remote working models and cloud adoption offer expanded attack surfaces and obscure visibility, hindering cyber defence measures. The Arctic Wolf report shows that around half of all data breaches originated in the public cloud, but almost two-thirds of IT leaders believe they are not effectively securing their cloud resources.
Compelling case for VDI
With future industry success reliant on automotive businesses adopting new technologies to improve global collaboration, according to McKinsey, IT leaders face a new challenge: finding a sustainable solution that improves employee mobility and productivity, without increasing cost and complexity. Many are considering (or reconsidering) virtual desktop infrastructure (VDI). And why not?
VDI offers industry professionals secure remote access to the tools and data they need to work efficiently, while overcoming common vulnerabilities inherent in Remote Desktop Protocol (RDP) and Virtual Private Network (VPN) solutions. With VDI, data is stored securely and centrally, with access granted to remote workers to the tools and data they need to work on a specific project via a virtual desktop. IT teams can easily enable or disable features for different users to ensure consistent policy-based access control. New apps, updates and security patches can be quickly rolled out to all users to address vulnerabilities and reduce duplication and rework.
Because virtualisation centralises data, rather than storing it on endpoint devices, risk of data breaches, loss and corruption is reduced. Business continuity is further enhanced by the ability to rapidly provision IT for new joiners and spin up new virtual desktops to get users back up and running fast in disaster recovery situations.
A holy grail
That’s not to say VDI hasn’t been problematic—it has. Organisations in some industry sectors, including automotive, have tried and failed to deploy VDI successfully across their workforce. Unfortunately, they soon discovered off-the-shelf VDI platforms struggled to cope with huge engineering datasets and specialist design applications such as AutoCAD, Creo Parametric 3D Modelling, Autodesk, SolidWorks and Fusion 360. These issues have not been helped by evolving visualisation and rendering requirements, placing growing demands on infrastructure and IT teams and effectively chaining power users to their office IT set up.
So, how can automotive businesses achieve what many deem out of reach?
Substandard user experience will stop any IT project in its tracks. Inadequate compute or storage resources, substandard WAN connectivity, latency issues, poor app optimisation and client device problems are also common deployment issues. So, the first step is to seek out technologies purpose-built and optimised for the sector. Successful long-term delivery of these customised environments requires continuous diligent monitoring of the VDI technology to overcome these obstacles, ensure users receive the best possible experience and unlock full VDI potential.
In the current climate, addressing cyber security concerns has never been more pressing. To ensure security and compliance for data accessed on remote systems, it’s important that IT leaders can choose where VDI workloads sit. Given the highly sensitive nature of automotive design and engineering, a private cloud setup that adheres to compliance and data sovereignty requirements may be preferred over public cloud. VDI can be consumed on-premise, in the cloud, or in a seamless hybrid model to suit individual business needs.
With VDI, data is stored securely and centrally, with access granted to remote workers to the tools and data they need to work on a specific project via a virtual desktop
It’s also worth being honest about in-house resources when considering who will manage what: in-house managed options like Azure Virtual Desktop and on-premise VDI, or a fully managed Desktop-as-a-Service solution from a provider who understands industry needs, virtualisation in the cloud and how sector-specific apps and network services behave together. Many design and engineering companies have found leveraging industry experience has been invaluable in helping them achieve the best return on their VDI investment, enabling them to unlock much greater value for around the same outlay.
Partnership possibilities
Boosting productivity has been a long-term ambition of the automotive industry to gain competitive advantage in an ever-changing marketplace. Continued turbulent conditions are driving firms to work ever faster and smarter throughout entire vehicle lifecycle to better empower global workforces and supply chains. Now rising cyber risk and imminent legislation mean businesses are facing mounting challenges.
Purpose-built solutions have now proven effective in enabling secure collaboration, boosting productivity and resilience across the entire industry. In the right hands, these technologies are creating secure digital workspaces enabling industry professionals to work effectively from wherever they are, while also helping to overcome growing cyber security concerns.
With a history of evolution, the automotive industry is well placed to take this latest challenge in its stride, leveraging technology and new skills to overcome obstacles. The journey towards success in the automotive industry has always been a collaborative one. As organisations increasingly turn to emerging technologies and rapid scale-up of enterprise-wide solutions, forging partnerships with specialist suppliers will help provide the answers, bringing new opportunities for automotive firms to thrive.
About the author: Rob Smith is Chief Technology Officer at Creative ITC