For too long, the automotive industry has fallen back to the sidelines in the discussions around cybersecurity, with industry professionals and policymakers alike honing in on more traditionally threatened industries instead.

But while these industries have built up a solid line of defense, the automotive sector remains unguarded and unarmed, leaving manufacturers and their customers exposed to increasingly vicious cyberattacks.

Vehicles are more connected than ever, and the features hackers can exploit are stacking up. We’ve seen hackers remotely access vehicles by interfering with key fobs or by manipulating vehicle functions like steering or acceleration. And there’s the concerning trend of bad actors manipulating driver-assistance features like proximity sensors – putting drivers directly in harm’s way.

2025 is the year manufacturers could find themselves at the center of the next big wave of cyberattacks – unless they double their investment in cybersecurity talent. Manufacturers must work to hire and retain cybersecurity talent and build out robust internal cybersecurity strategies. They also must implement post-market features for threat monitoring and response.

Talent is at the heart of every company, which is why vehicle manufacturers’ first line of defense must be their people. That means hiring and retaining cybersecurity professionals with proven experience managing cybersecurity threats.

Industries like healthcare, government and finance – those that most often come under fire from cyberattacks – are a treasure trove of cybersecurity talent. They’ve hired some of the best in the industry to build up their cybersecurity strategy. Manufacturers would be remiss not to hire directly from it.

Cyberattacks in healthcare and finance are largely consumer focused, as is the case in the automotive industry. Cybersecurity professionals from these sectors will have the experience needed to navigate the cyber-threat landscape, and can adeptly respond to any attacks on customer-owned vehicles.

Hiring top cybersecurity talent is a prerequisite for a successful cybersecurity strategy. Manufacturers must deploy competitive hiring practices – and that means doubling their investment in hiring and talent retention. Manufacturers must be ready and willing to offer competitive salaries and best-in-industry benefits if they want to lure top talent away from their current employers.

But hiring is only part of the challenge; manufacturers must demonstrate that they are invested in the professional development of their employees, if they want to retain their staff. Offering continuous training and upskilling and a clear pathway for career growth are all essential for retaining top talent.

Beyond onboarding new talent, manufacturers must ensure that all staff undergo cybersecurity training. They must be trained to spot cybersecurity risks at the design and engineering stage, mitigating threats before the vehicle’s even made it to the production line.

Having an in-house team of top cybersecurity talent is key to achieving this cross-department upskilling; they’ll be vital to ensuring that the training provided aligns with company requirements.

Then, with an in-house cybersecurity team in place, manufacturers must draw up a robust, fully-informed cybersecurity strategy, including measures for identifying, managing and responding to threats. Given the potential size, scale and complexity of cybersecurity attacks carried out on user-operated vehicles, partnering with cybersecurity bodies is a way to ensure timely and effective incident responses.

Public-private partnerships are common in cybersecurity and an avenue the automotive industry must go down. There are public bodies across a range of different regions, such as the U.S.-based Automotive Information Sharing and Analysis Center and the EU Agency for Cybersecurity. Manufacturers can localize their cybersecurity response by ensuring each subsidiary manufacturing plant partners with their local organization.

It’s a sure-fire way for a manufacturer to strengthen their cybersecurity approach and allows for intelligence sharing, joint incident responses and more-efficient and timely threat detection – all of which are crucial in the fast-moving cybersecurity space.

The automotive industry’s cybersecurity vulnerabilities don’t end once a vehicle’s gone to market.

It’s essential that manufacturers implement robust procedures for continuous, proactive threat detection – ensuring the safety of the driver once the vehicle is out on the road. With hackers increasingly looking to exploit connected vehicle features, this is an area manufacturers need to keep a close eye on.

With the relevant cybersecurity talent in place, manufacturers can develop and implement effective threat responses. Whether that’s the ability to roll back software or devising consumer-facing apps to communicate threats with vehicle owners directly, manufacturers must ensure rapid action can be taken to minimize the threat of harm.

Combining the work of its in-house cybersecurity team and its partnership with a cybersecurity body, vehicle manufacturers can devise and implement customer-facing software that enables instant threat detection, self-reporting and guidance.

Manufacturers must begin to iron out the weaknesses in their cybersecurity strategy by bringing on board new talent, working closely with national cybersecurity organizations and taking a proactive, customer-first approach to post-market threat detection. The longevity of the industry and the safety of their customers depends on it.

About the Author