Munich Cyber Security Program (MCSP)

Vehicles aren't prepared for investigations--what this means for consumers: - Criminal investigations will take longer - Data breaches and vehicle hacks will be more difficult to solve - Insurance claims, disputes, and appeals will be unbalanced - National security is compromised While these examples are only a small handful of impacts caused by the lack of forensic readiness, it demonstrates the urgency we must work with to implement meaningful benchmarks, processes, and readiness plans. The MCSP is a ComCode GmbH initiative. #automotivedigitalforensics #connectedvehicleecosystem #lawenforcement

What does privacy by design look like? We have spent many months researching automotive data privacy, and the prime consideration for the connected vehicle ecosystem is, what would this look like in the automotive industry? How do we manage vehicle data throughout a vehicle lifecycle, utilizing an end-to-end approach? This diagram addresses these questions at a high level, with the intent of spurring conversation. Let us know what you think in the comments below! OEMs such as the Volkswagen Group, Stellantis, and the BMW Group have begun this process, and it's imperative that all members of the supply chain understand the risks and make changes to their cybersecurity posture accordingly. The MCSP is a ComCode GmbH initiative. #privacybydefault #privacybydesign #connectedvehicle #automotivedataprivacy

Data Breach Threat Forecast It's critical that organizations not only understand what current data breach impacts are, but also make effective projections about what we should expect moving forward. Here is a visual breaking down our threat forecast regarding automotive data #privacy. If you have further questions, please message us! The MCSP is a ComCode GmbH initiative. #automotivedataprivacy #privacybydesign #connectedvehicle

What should my company expect after a data breach? This is a question that every business should ask themselves BEFORE facing a data breach, as a form of #risk management--there are multiple elements that companies must consider, especially if the company is handling massive amounts of sensitive information. - Fines/penalties (regulatory) - Legal action - Loss of productivity - Tarnished reputation - Loss of consumer trust - Financial cost of recovery While these are only a few examples, they represent the multifaceted nature of why data privacy is important, and something that OEMs and their partners should consider when increasing data flows in their product. The MCSP is a ComCode GmbH initiative. #datasecurity #privacybydesign #automotivedataprivacy

Exciting initiative. Stay tuned.

1.4 BILLION vehicles. That's how many vehicles were on the road in 2022 globally. And this number is only continuing to rise. #dataprivacy, #cybersecurity, and #digitalforensics within the sphere of the automotive industry should be approached with a similar mindset as mobile devices--we need to understand our threat surface to quantify the impact. Of these nearly 1.5 billion vehicles, the average lifespan is roughly 12 years--far longer than most electronic devices, such as smartphones, laptops, or PCs. This only increases the threat surface and the likelihood of vulnerabilities being located and exploited. Think about how much opportunity an attacker would have for an unpatched vulnerability. Let's also consider the human element of the automotive industry--the average American spends roughly 38,000 hours driving in their lifetime--that's over four years. With the average American lifespan being roughly 76 years, that's 5% of your life behind the wheel. That might not seem like a lot, but cyberattacks on your vehicle could easily become a life and death situation. The MCSP is a ComCode GmbH initiative. #securitybydesign #automotivecybersecurity #connected

Throughout our time researching #automotive #cybersecurity, there have been a number of potential threats and vulnerabilities surrounding the connected vehicle ecosystem. While we have touched on many areas, we wonder what the public, industry stakeholders, and other security experts have to say. Therefore, we want you to consider: The modern automotive industry is rapidly adopting connectivity-based technologies. With potential vulnerabilities proliferating, what concerns you the most? - Supply Chain Attacks - Internet of Things Devices - EV Charging Infrastructure - Over the Air (OTA) Networks / Cloud Storage - 3rd Party Applications - Aftermarket Parts - Data Breaches - Autonomous or Remote Control Functionality - Infotainment Systems - Other (Please Specify) We look forward to hearing from you! The MCSP is a ComCode GmbH initiative. #dataprivacy #digitalforensics #privacybydesign

Remote code execution on a #connectedcar. Again. The #hackers took over the #vehicle through the #infotainment, #Bluetooth, and #telematics. Again.

🏗️💡 From Market Boom to Built-in Security: Safeguarding Smart Construction's 250 billion Dollar Future with Our Iterative Approach. In 2023, the market for Smart Building Construction and security was valued at $78.28 billion. But what lies ahead is even more striking: projections by Allied Market Research suggest a massive uptick estimated to be close to $250 Billion dollars by 2032. This exponential growth underscores the critical need for robust security planning as we navigate the intricacies of these emerging technologies and markets. However, amidst this expansion, one crucial aspect often overlooked is the security of the supply chain. The interconnected nature of smart building components opens doors not just to innovation but also to vulnerabilities. From hardware vendors to construction contractors (and even the customers themselves), every link in the supply chain must be fortified against cyber threats. We as an organization fully recognize the dynamic nature of both cybersecurity and the construction industry; knowing well that the focus is not merely about implementing static solutions, but embracing an iterative approach. Our core strategy relies on proactively and directly engaging with Construction teams to ensure top-notch security before the client ever arrives on site. By integrating cybersecurity considerations throughout the construction process, from design to implementation and beyond, we empower ALL stakeholders to build smart environments that prioritize both functionality and security. This approach ensures that each phase of the construction process is fortified against potential cyber threats, laying a solid foundation for secure smart buildings. Major manufacturers such as Siemens, Schneider Electric, Johnson Controls, and Honeywell play a pivotal role in this ecosystem, providing cutting-edge technologies and solutions that are the essence of #SmartBuildingSecurity. Stay tuned as we delve deeper into our iterative approach to securing IoT environments in smart buildings. Checkout Market Projections here: https://lnkd.in/dWWcEkrE The MCSP is a ComCode GmbH Initiative #SmartBuilding #SmartCity #Security #IOT #Construction #Supplychain

Auto. Sec NEWSLETTER: April 18th, 2024   Recently in automotive cybersecurity, several sources highlighted the increased risks associated with electric vehicles and their architectures. Another article also lists automotive cybersecurity as the top emerging trend in cyber for 2024.   20 Emerging Cybersecurity Trends in 2024 - Automotive Cyber The article cites automation and connectivity as the primary concerns surrounding modern vehicle networks. While this is no longer new to many experts, we expect the automotive sector to be highlighted in the coming years as a top priority, even potentially being added to the existing list of #criticalinfrastructure assets that must be protected. Recent media has sparked public interest in the dangers of #autonomousvehicles, and many startups have either scaled back their projects or shuttered them altogether, for myriad reasons.   Read more here: https://lnkd.in/dQPFVaG   Are EV Chargers the Next Prime Target for Hackers?  Concerns surrounding #EV chargers resemble that of many newer technologies--concerns surrounding the rate of devices being pushed to production too quickly have been further escalated by government mandates, loose regulatory frameworks, and subsidies. EV chargers themselves often have some form of internet connectivity or at the very least a cloud-based backend that is used to store information. Read the article below for more details on the development of EV infrastructure.   Read the article here: https://lnkd.in/e3CgFHpf   Is Cybersecurity a Hurdle for EV Development? We would say yes, and rightfully so. The article linked below begins to examine the necessary vehicle architectures that must be in place for consumers to maintain a sense of trust among automakers. This all begins with the principle of "security by design" and understanding that modern vehicles need to be treated as if they were computers, seeing as many modern vehicles behave like one. The article also addresses the many ways that #cybersecurity needs to be considered before we can expect connected vehicles to be successful in the industry.   Read the summary article here: https://lnkd.in/ejcTSiEj   The MCSP will continue to post weekly updates on the current state of automotive cybersecurity, highlighting large events, outlining key developments in the regulatory world, and documenting cyberattacks against vehicles and the automotive ecosystem at large.   The views expressed in the articles linked above are the views of the original content creators and do not necessarily represent the views or opinions of ComCode GmbH. This post does not contain affiliate links.   The MCSP is a ComCode GmbH initiative   #automotivecybersecurity #connectedvehicles #automotivedataprivacy #riskmanagement