It’s been several months since we surveyed top automotive executives and insiders on the major legal issues facing the industry for our 2023 Automotive Trends Report.

As the automotive world continues to evolve and navigate a shifting legal landscape, we look at some of the major themes driving it forward… and the ones that might be in the rearview mirror.

With automotive cybersecurity progressing at lightspeed, Dante Stella, Kimberly Holmes, and Cinthia Motley predict what’s next.

Trending up:

Malware sophistication

As the software that connects us to our vehicles becomes more complex, so does the software that connects others to them. Eighty percent of respondents to our 2023 Automotive Trends Report viewed “ransomware and extortion tactics” as the greatest cybersecurity threat to the automotive industry—and that number may be on the rise. In the past few months alone, we can point to examples of cyberattacks hitting nearly every corner of the industry: Consumer data has been breached at manufacturers, ride-hailing applications, and even digital license plate providers. Hackers also used supply-chain attacks to target the customers of software companies by inserting malware at the point of software distribution. Practices like these underscore the urgency for more robust cybersecurity measures and proactive strategies to protect the privacy and safety of vehicle owners.

Trending down:

Obsolete hardware usage

Software-defined vehicles (SDVs)—in which most of a vehicle’s functionality is controlled, managed, and updated through software rather than relying on hardware components—are the new paradigm in the automotive industry. As traditional hardware becomes more standardized and the technical knowledge gap continues to shrink, the market for SDVs is expected to balloon from $36 billion in 2022 to $150 billion by 2030. But despite advantages like over-the-air updates or enhanced real-time diagnostics and patching, SDVs bring forth a rising tide of cybersecurity challenges for OEMs because they have more functionality in common with standalone PCs than they do the microcontrollers of old. When a vehicle is controlled by a commercially available CPU, it inherits the vulnerabilities of a commodity processor plus the operating system (like Linux) that runs on it plus any additional layers of software (such as OEM or third party applications). Hence, although specific obsolete hardware seems like less of a problem, newer hardware creates newer hazards, including economies of scale and larger hacker bases.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Dante A. Stella Dante A. Stella

Dante Stella is a creative, logical, and efficient problem solver who focuses his practice on litigation and investigations that involve challenging legal, factual, and data management issues. He also provides non-litigation counseling to clients on information lifecycle management, information infrastructure, and electronic discovery…

Dante Stella is a creative, logical, and efficient problem solver who focuses his practice on litigation and investigations that involve challenging legal, factual, and data management issues. He also provides non-litigation counseling to clients on information lifecycle management, information infrastructure, and electronic discovery readiness planning.

Photo of Kimberly Holmes Kimberly Holmes

Kimberly Holmes is responsible for oversight and management of Dykema’s incident response program and data privacy and security matters for the firm on behalf of Fortune 100 and 200 clients, as well as midsize client organizations across multiple industry verticals. She utilizes more

Kimberly Holmes is responsible for oversight and management of Dykema’s incident response program and data privacy and security matters for the firm on behalf of Fortune 100 and 200 clients, as well as midsize client organizations across multiple industry verticals. She utilizes more than 20 years of executive and management experience in the specialty lines insurance industry to collaborate with insured clients, brokers, industry experts, and carriers, as needed, to achieve optimal business solutions across multiple industry landscapes.

Photo of Cinthia Granados Motley Cinthia Granados Motley

Cinthia Granados Motley is the Director of Dykema’s Global Data Privacy and Information Security practice group. She has an active national and international practice assisting clients implement effective information security practices, address current and emerging regulatory compliance issues, including cross-border data transfer and…

Cinthia Granados Motley is the Director of Dykema’s Global Data Privacy and Information Security practice group. She has an active national and international practice assisting clients implement effective information security practices, address current and emerging regulatory compliance issues, including cross-border data transfer and information governance, as well as litigation readiness and regulatory inquiry matters. She routinely acts as incident response counsel to national and multi-national entities, as well as privacy litigation counsel. In her litigation practice, Cinthia handles consumer and privacy litigation, international contract disputes, directors and officers liability, ERISA, e-discovery and  professional liability matters. She routinely counsels clients in complex commercial disputes both domestically and abroad.