The National Institute of Standards and Technology (NIST) recently released draft standards for IoT cybersecurity that may inform similar efforts in the autonomous vehicle industry. The report, entitled “A Starting Point for IoT Device Manufacturers,” seeks to provide the IoT device industry with a better understanding of necessary and appropriate cybersecurity features. Specifically, it highlights best practices for secure software design and development. NIST is seeking public comment on its proposals through September 30, 2019.
As the broader IoT industry coalesces around specific security practices, automotive and technology companies will gather valuable intelligence on security measures that are fundamental to widespread adoption and public acceptance of autonomous vehicles. A Consumer Watchdog report warned that all of the top ten 2020 car models are vulnerable to fleet-wide hacks because of their Internet connectivity. Industry professionals are well aware of said vulnerabilities — only 14 percent of IT security professionals have high confidence in their organization’s ability to properly secure IoT devices, according to a new survey released earlier this month by Deloitte and Dragos.
Certainly, the NIST report is not the last compilation of industry best practices that will inform connected vehicles use going forward.