In this podcast episode, hosts Rob Aragao and Stan Wisseman are joined by Arun DeSouza, a renowned expert in connected vehicle security and former CISO at leading automotive companies. Arun begins by highlighting the critical challenges facing connected vehicles, emphasizing the importance of security by design throughout the development lifecycle. He stresses the need for rigorous vulnerability assessments and penetration testing to prevent vulnerabilities that could lead to remote hacking or data breaches.

Arun discusses the vital role of infrastructure connectivity and encryption in securing data transmission between vehicles and the cloud. He emphasizes the necessity of secure over-the-air software updates to patch vulnerabilities promptly. Addressing the risks associated with peripheral devices connected to vehicles, Arun advocates for robust system interface protections and micro-segmentation strategies to isolate critical systems from non-critical ones.

Privacy and data security emerge as central concerns, with Arun emphasizing the importance of adhering to privacy-by-design principles. He discusses the implications of GDPR-like standards for protecting sensitive data collected by connected vehicles and underscores the need for user consent frameworks in data handling practices.

The conversation extends to the complex automotive supply chain ecosystem, where Arun stresses the importance of implementing robust security measures across third-party suppliers. He highlights the role of continuous security assessments and collaborative efforts within the supply chain to mitigate cybersecurity risks effectively.

Concluding the episode, Arun offers practical advice for consumers considering connected vehicles, suggesting they seek transparency from manufacturers regarding cybersecurity features. He encourages leveraging industry networks and expert advice to make informed decisions about vehicle purchases in 2024.

Join us for an insightful exploration of the evolving landscape of connected vehicle security.

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com