The Automobile Industry is Facing Cybersecurity Risks.

September 12, 2022 00:31:01
The Automobile Industry is Facing Cybersecurity Risks.
Chief of Cybersecurity
The Automobile Industry is Facing Cybersecurity Risks.

Sep 12 2022 | 00:31:01

/

Hosted By

Dewayne Hart

Show Notes

We drive our cars daily and enjoy the luxury of the many features, but security risks are embedded. The cybersecurity landscape has no boundaries, and just as if healthcare, financial, and educational entities face risk – so does the automotive industry. Increasing demand for connected and semi-autonomous vehicles has led to a growing demand for connected vehicle devices in automobiles.This increased the complexity of vehicle architecture and software codings, which made cars more vulnerable to cyber-attack. The market for automotive cybersecurity solutions has been developing rapidly to safeguard vehicles from such attacks. This interview brings into focus how automobiles are at risk.

View Full Transcript

Episode Transcript

WEBVTT 1 00:00:02.480 --> 00:00:05.400 All right, we're live once again in the global podcast studios here in Atlanta, 2 00:00:05.440 --> 00:00:09.279 Georgia. Rich Casanova here alongside Dwayne Hart, the man of the hour 3 00:00:09.400 --> 00:00:12.359 once again. Uh, if you haven't heard the name, I don't know 4 00:00:12.359 --> 00:00:16.960 where you've been, especially, especially if you're in the cybersecurity space are interested 5 00:00:17.000 --> 00:00:21.000 in pursuing a career. I have questions or concerns. Uh. It's definitely 6 00:00:21.000 --> 00:00:25.120 a hot topic across Um, you know, the water cooler conversation, that 7 00:00:25.160 --> 00:00:27.719 kind of thing. Right. So, this is the new era of what's 8 00:00:27.719 --> 00:00:30.960 happening in technology, and that is cybersecurity. This man wrote the book on 9 00:00:31.000 --> 00:00:34.240 it. Uh, he has a podcast about the subject matter and right now 10 00:00:34.280 --> 00:00:37.840 he's here on the show. So, uh so, Mr Hart. So 11 00:00:37.960 --> 00:00:42.119 let's start off with today's topic, which is about basically cybersecurity in the transportation 12 00:00:42.200 --> 00:00:45.000 industry. Right. UH, for the most part we're gonna be talking about 13 00:00:45.000 --> 00:00:47.759 the personal individual, because these are, you know, most people listen to 14 00:00:47.799 --> 00:00:52.880 the audience. A time permitting. Yeah, time permitting. We we may 15 00:00:52.920 --> 00:00:59.280 get into UH QUESTIONS REGARDING UH fleet transportation and government vehicles, but let's talk. 16 00:00:59.359 --> 00:01:03.520 Let's lead with what's the definition? How would you just saw define this 17 00:01:03.600 --> 00:01:07.159 area of cybersecurity and transportation. Okay, Rick Rich, I'M gonna break everybody 18 00:01:07.159 --> 00:01:11.560 in on something that's very simple year. Right, let's just look at cybersecurity 19 00:01:11.840 --> 00:01:19.040 in itself and look at the use of cybersecurity. Right, so looking at 20 00:01:19.040 --> 00:01:23.519 the core elements of cybersecurity and saying, okay, we need to find ways 21 00:01:23.599 --> 00:01:30.319 to protect information data and make sure we keep hackers away. Okay, let's 22 00:01:30.359 --> 00:01:36.040 take that and take it across the road, no pun intended, right in 23 00:01:36.120 --> 00:01:41.239 the parking lot, whi these cars apart. All right, the same concept 24 00:01:42.560 --> 00:01:48.400 survives and it's there, but it's automobiles now. So so, when I 25 00:01:48.480 --> 00:01:55.719 think automobiles, I'm thinking about some of these same core technologies, but they're 26 00:01:55.719 --> 00:02:00.359 in automobile because a lot of technologies are reused. When you think about, 27 00:02:01.239 --> 00:02:06.799 uh, a navigation system in a car, if you think about a remote 28 00:02:06.840 --> 00:02:09.919 controlled advice that you have, because you have a lot of remote control advices 29 00:02:09.960 --> 00:02:15.719 that you leave at the house as well too, if you go and Um, 30 00:02:15.879 --> 00:02:20.719 think about a lot of these cars have a mini computer, right, 31 00:02:21.400 --> 00:02:27.879 and so take that concept and apply to a regular computer. Yeah, so 32 00:02:27.879 --> 00:02:31.240 it's not that foreign. The widgets that are in our laptop, at our 33 00:02:31.400 --> 00:02:37.800 phones, they're just installing it now in, uh, a bigger object that 34 00:02:37.840 --> 00:02:42.719 has four wheels on it, right, and you know, here is the 35 00:02:42.840 --> 00:02:47.039 risk factor in this. You're driving your vehicle, right, and all of 36 00:02:47.080 --> 00:02:52.599 a sudden your vehicle starts to take you somewhere that you did not plan to 37 00:02:52.639 --> 00:02:57.400 go, okay, and so you end up at the police station, right, 38 00:02:57.520 --> 00:03:01.919 okay. So best case scenario, right. So. So now that 39 00:03:02.120 --> 00:03:07.919 is the risk factor. But also taken, taken, and looking at the 40 00:03:07.000 --> 00:03:14.759 fact that that if someone was to infiltrate the system of a car and they 41 00:03:14.800 --> 00:03:17.199 put rensomwhere in there and you can't use your car and they say, Hey, 42 00:03:17.319 --> 00:03:21.599 you gotta give me five thousand dollars, you know, before you can 43 00:03:21.599 --> 00:03:23.439 turn your car back on, it's kind of like getting booted right in the 44 00:03:23.479 --> 00:03:27.840 parking lot. This is the new this is the digital version of getting booted. 45 00:03:28.199 --> 00:03:30.199 You know what, now that you bring that up, I'm going to 46 00:03:30.400 --> 00:03:38.000 throw something out there, especially about the future. Right. Imagine if someone 47 00:03:38.080 --> 00:03:43.319 did not pay that parking tickets, right, okay, okay, imagine if 48 00:03:43.360 --> 00:03:46.719 that was a way to control that car, way you could not drive your 49 00:03:46.719 --> 00:03:53.879 car. Okay, and that could be a feature in your car where the 50 00:03:53.919 --> 00:04:00.360 Police Department could shut down your vehicle, right and right are. So imagine 51 00:04:00.439 --> 00:04:05.639 that this, because I don't know if there's features out there, but I'm 52 00:04:05.639 --> 00:04:11.560 gonna bring it up. Imagine if a car was stolen, right, and 53 00:04:11.639 --> 00:04:15.800 imagine if, for some reason, Um, you know, the system could 54 00:04:16.439 --> 00:04:20.600 find your car and to Navage, navigate your car to the police station and 55 00:04:20.600 --> 00:04:26.240 it goes and locked the doors. It is those criminals nightmare. Well, 56 00:04:26.240 --> 00:04:29.560 some of that's already in place. Right, maybe that's the exact description, 57 00:04:29.639 --> 00:04:31.480 but but I know they have, like in your last a matter of fact, 58 00:04:31.519 --> 00:04:38.800 you just finished a live stream episode talking about digital parenting and about kids 59 00:04:38.959 --> 00:04:43.279 and technology and parents oversight of that. Right. So I know in fact 60 00:04:43.319 --> 00:04:47.319 there is devices that uh parents in this case, could install in vehicles that 61 00:04:47.759 --> 00:04:51.240 doesn't allow the vehicle to go beyond a certain mile, mile per hour, 62 00:04:51.399 --> 00:04:56.399 right, for safety reasons. So if that's digitally connected to your car, 63 00:04:56.480 --> 00:05:00.600 that's not such a foreign concept that, um, but then it gets into 64 00:05:01.000 --> 00:05:04.160 you know, who's in control here whatever. But which leads into another topic 65 00:05:04.240 --> 00:05:10.160 we're gonna talk about is uh insurance and risk management. So the insurance companies, 66 00:05:10.240 --> 00:05:13.920 you'd probably get a discount or credit for your insurance policy. If you 67 00:05:13.920 --> 00:05:16.800 have this installed on your vehicle and back to like if it's stolen, it 68 00:05:16.839 --> 00:05:20.000 could be tracked. Right. Uh. What's what's the device? You put 69 00:05:20.040 --> 00:05:24.079 your button, then they can, Um, uh, they connect you with 70 00:05:24.120 --> 00:05:29.319 a with a voice person to talk to the you're talking about and Croll your 71 00:05:30.000 --> 00:05:34.680 in in car control APP are. There's like a safety device that, like 72 00:05:34.720 --> 00:05:38.720 on some of the videos, you push a button on star, on star, 73 00:05:38.879 --> 00:05:42.000 right, and if you connected on star, which is a digital version 74 00:05:42.120 --> 00:05:45.720 of what we're talking about, they can say where your car is at and 75 00:05:45.720 --> 00:05:47.160 if it's stolen, they can track their car, right, and so they 76 00:05:47.199 --> 00:05:50.600 could maybe not drive it to the police station. They can certainly start to 77 00:05:50.639 --> 00:05:54.839 slow down the function of it. And so it comes to complete stop. 78 00:05:55.079 --> 00:05:58.360 And now there's a GPS trackers, so they can locate your vehicle. But, 79 00:05:58.639 --> 00:06:00.680 um, but this kind of PIGGY BA into insurance and risk management. 80 00:06:01.120 --> 00:06:04.279 So where do you think the insurance companies are at on this topic? Well, 81 00:06:04.879 --> 00:06:10.120 you know, like any type of technology, I don't think they have 82 00:06:10.240 --> 00:06:13.920 grassed on it yet because, you know, it has to happen versts. 83 00:06:14.040 --> 00:06:17.000 That has to be a dire diat need. You know, that's just like 84 00:06:17.120 --> 00:06:24.199 critical infrastructure and all the utility plans. You know, they only became Um 85 00:06:24.240 --> 00:06:29.839 a sovereige cuty issue when the attacks start to occur. Right, okay, 86 00:06:29.879 --> 00:06:33.000 you know, prior, prior to then, you know that wasn't a large 87 00:06:33.079 --> 00:06:40.000 discussion. Now now, if you think about cars, all right, you 88 00:06:40.040 --> 00:06:44.480 know it hasn't been a large or very large discussion. It hasn't been any 89 00:06:44.519 --> 00:06:47.399 type of a large reporting on it. But Trust me, once you see 90 00:06:47.439 --> 00:06:51.480 this reporting start to happen, that's when insurance companies are gonna have to come 91 00:06:51.519 --> 00:06:59.839 up with certain policies because maybe you can get your insurance um reduce with certain 92 00:07:00.000 --> 00:07:05.720 safety features. Okay. And secondly, two is maybe the insurance companies, 93 00:07:06.519 --> 00:07:12.160 you know now is working with the police departments and if you unpaid your insurance, 94 00:07:12.199 --> 00:07:14.680 then you know the car is going to see it in your yard. 95 00:07:14.879 --> 00:07:17.920 Right. Well, that begs the next question in terms of leadership. WHO's 96 00:07:17.959 --> 00:07:20.839 taken, who's going to be a more proactive lead on this? Right because, 97 00:07:21.399 --> 00:07:27.639 like in another episode podcast, you talked about Um a topic where, 98 00:07:28.439 --> 00:07:30.000 you know, uh, not just a hacker's hat, but where people need 99 00:07:30.000 --> 00:07:33.360 to kind of like be more proactive about it. But in terms of is 100 00:07:33.399 --> 00:07:38.720 this lie more in the private or the public sector right in terms of responsibility 101 00:07:38.720 --> 00:07:42.160 and leadership? Is it a Um? You know, does it behoove the 102 00:07:42.199 --> 00:07:46.480 industry to be more proactive about it? I mean kind of like actually, 103 00:07:46.480 --> 00:07:49.240 in a recent episode you talked about the workforce being remote. Right, that 104 00:07:49.319 --> 00:07:53.040 was that was kind of forced upon us. You know, there is no 105 00:07:53.120 --> 00:07:57.759 contingency plans to implement that on a on a global scale until we had a 106 00:07:57.800 --> 00:08:03.120 worldwide issue, right, and so unfortunately the government and the public sector may 107 00:08:03.120 --> 00:08:09.360 be waiting for that dire situation just described. You know, when I look 108 00:08:09.399 --> 00:08:16.079 at the issue, it is all hands responsibility, because if the issue became 109 00:08:16.319 --> 00:08:22.040 something where where, where it was separated, you know, between saying that 110 00:08:22.120 --> 00:08:26.519 it's the public and or the private sector role, that's when sobersecurity start to 111 00:08:26.519 --> 00:08:35.440 fail. In my book I talked about responsible actions and ownership. Somebody has 112 00:08:35.480 --> 00:08:39.639 to take ownership, okay, and somebody has to lead, so they're gonna 113 00:08:39.679 --> 00:08:46.000 win. But now, since it has not became a really scrown topic, 114 00:08:48.159 --> 00:08:50.519 I know that the government is taking a lead on this and try to come 115 00:08:50.559 --> 00:08:56.240 up with standards that she needs to be in place, which is good. 116 00:08:56.000 --> 00:09:03.200 And likewise, since since we're having this discussion. People that are listening to 117 00:09:03.360 --> 00:09:07.600 this podcast may not have ever heard of this topic before. Never have thought 118 00:09:07.679 --> 00:09:15.960 of it before. All right, but hopefully there is a collaboration between the 119 00:09:16.000 --> 00:09:22.639 public and the private sector and also to the automobile industries. Absolutely. Um. 120 00:09:22.679 --> 00:09:26.480 So I get another comment question coming up, but beforehand. So, 121 00:09:26.519 --> 00:09:28.840 if you're listening to this podcast, rich casting over here in the Lanta ctity 122 00:09:28.879 --> 00:09:31.960 alongside Dwayne Hart, uh, and speaking of his book he just mentioned. 123 00:09:33.240 --> 00:09:35.799 Uh. So go to just dwayne heart dot com and you can see everything 124 00:09:35.879 --> 00:09:41.480 about the podcast, about his live stream, about his Um and his obviously 125 00:09:41.519 --> 00:09:43.519 his book. Right. So again, just everything you can find social media, 126 00:09:43.600 --> 00:09:48.080 all that good stuff. Just DWAYNE HEART DOT COM. So my question, 127 00:09:48.240 --> 00:09:50.919 Um, our comment is about you know, we were talking about these 128 00:09:50.960 --> 00:09:54.600 dire straits. But the good news is, in a recent article we just 129 00:09:54.600 --> 00:09:58.120 pulled up today, the good news is, uh, one of the questions 130 00:09:58.159 --> 00:10:01.240 how many hacks have happened to date? The good news is no one, 131 00:10:01.480 --> 00:10:03.559 you know, can give an exact number here. Right, but the but 132 00:10:03.639 --> 00:10:07.000 there's only been really a handful of real world hacks, such as the jeep 133 00:10:07.000 --> 00:10:11.120 wranglers in two thousand and sixteen that's been identified to date, because a lot 134 00:10:11.120 --> 00:10:15.039 of people kind of have this fear, you know factor involved of like, 135 00:10:15.080 --> 00:10:16.960 Oh, I don't want cybersecurity in my car, it's gonna Crash, for 136 00:10:18.039 --> 00:10:20.840 people are gonna take it over right, other kind of thing. But it's 137 00:10:20.879 --> 00:10:22.919 kind of like the autonomous vehicle. When that first rolled out, people were, 138 00:10:22.960 --> 00:10:26.720 you know, kind of in panic mode. But the reality is some 139 00:10:26.799 --> 00:10:30.120 of these vehicles have gone over like a million miles only had one incident, 140 00:10:30.679 --> 00:10:37.960 whereas the people driving cars have incidents every ten seconds. Right. So cybersecurity 141 00:10:37.080 --> 00:10:41.039 in the vehicle is a concern, but I don't think it's something that you 142 00:10:41.080 --> 00:10:46.360 have to like, Um, be overly anxious about. Right. Well, 143 00:10:46.440 --> 00:10:50.799 well, well, see, what we have to look at is the current 144 00:10:50.840 --> 00:10:54.519 state of the technology's dead it venues in these vehicles. All right, if 145 00:10:54.559 --> 00:11:01.000 we think about fifty years ago, everyone was writing information down on the sheet 146 00:11:01.000 --> 00:11:03.799 of paper and put it in the shoe box and throw it in the closet, 147 00:11:03.879 --> 00:11:09.919 right, but today information is all across smartphones, tablets, emails and 148 00:11:11.000 --> 00:11:16.279 everywhere. How much technology do we even have in these vehicles now? Okay, 149 00:11:16.240 --> 00:11:20.919 it's you know, it's probably not to a point where it has raised 150 00:11:20.919 --> 00:11:26.200 the alarm, but that needs to be a scrow discussion because we look at 151 00:11:26.240 --> 00:11:33.440 cars now, I think the on star systems, it's one having a remote 152 00:11:33.440 --> 00:11:39.200 control is too because in those remote controls you can start your car fifteen minutes 153 00:11:39.200 --> 00:11:41.519 prior to you enter the car. All right, and it's all the features 154 00:11:41.559 --> 00:11:46.360 that you have now. Those are minimum type of controls that you have. 155 00:11:46.159 --> 00:11:50.279 Well, you know, minimum type of technology that you have. But just 156 00:11:50.399 --> 00:11:56.600 imagine as technology start to add on to these vehicles, because now what if 157 00:11:56.639 --> 00:12:03.039 you want to have a robotic vehicle? Now that's when a lot of cybersecurity 158 00:12:03.039 --> 00:12:05.960 has come in place, because it's not humans that are driving vehicles now. 159 00:12:07.039 --> 00:12:13.519 So so my point is that that, yes, the industry should should be 160 00:12:13.559 --> 00:12:20.759 concerned and the industry should start to at least accelerate a large discussion about automobiles 161 00:12:20.879 --> 00:12:26.159 and also to try to investigate ways to put some controls in place, because 162 00:12:28.360 --> 00:12:33.960 we know that technology grows, just like a regular cell phone. About twenty 163 00:12:33.000 --> 00:12:37.480 years ago, you know, we were doing basic things with it, but 164 00:12:37.600 --> 00:12:41.120 now look at the cell phones. Imagine all the technologies that are gonna be 165 00:12:41.200 --> 00:12:46.799 included in these vehicles. All right. So so it needs to have a 166 00:12:46.799 --> 00:12:52.799 discussion. All right, now should now. Should people be alarmed? Okay, 167 00:12:52.000 --> 00:12:54.279 yeah, yeah, you should be alarmed. All right, you should 168 00:12:54.279 --> 00:12:58.679 be cognizant of it. Like right, just like that, hackers had reference. 169 00:12:58.720 --> 00:13:01.480 We talked about but it's interesting. You mentioned about, uh, the 170 00:13:01.559 --> 00:13:05.799 concerns, but the part of the reality is, thinking about aviation is still, 171 00:13:05.840 --> 00:13:09.840 to this day, one of the safest ways to travel. And the 172 00:13:09.919 --> 00:13:13.759 reality is talking about technology, is that, UM, most of your entire 173 00:13:13.879 --> 00:13:18.039 flight time is a pilot, not steering coats, steering the plane. Right, 174 00:13:18.200 --> 00:13:22.039 it's really just on takeoff and landing. After that it's on, you 175 00:13:22.080 --> 00:13:24.720 know, not just autopilot, but but all the devices are running that and 176 00:13:24.799 --> 00:13:30.120 it's extremely safe. Right. So it comes down to risk versus reward. 177 00:13:30.360 --> 00:13:33.799 Right, what do we what's our trade off? Well, what you know? 178 00:13:35.120 --> 00:13:39.080 You know, it all depends on the growth of technology, all right, 179 00:13:39.120 --> 00:13:41.559 and I'm just gonna keep pushing there, because the more technology that you 180 00:13:41.600 --> 00:13:46.919 add into the vehicles, the more you're gonna have a need for cybersecurity. 181 00:13:46.960 --> 00:13:52.279 Okay, cybersecurity is needed, but the more need for cybersecurity will grow as 182 00:13:52.320 --> 00:13:56.919 you add more technology. Okay, Um, and you know, the only 183 00:13:56.960 --> 00:14:05.879 way to work ahead of the automobile industry and I keep repeating this, is 184 00:14:05.919 --> 00:14:13.000 to have discussion and to engage. Now, if we look at certain concepts 185 00:14:13.039 --> 00:14:20.799 outside of the responsible of the responsible actions and ownership and focus towards the hackers 186 00:14:20.799 --> 00:14:28.360 mentality, and also, too, about digital modernization, because digital modnization means 187 00:14:28.399 --> 00:14:33.200 that we need to improve the way we do business right and our situation awareness 188 00:14:33.200 --> 00:14:37.559 have to be there as well too, because our situation awareness is telling us 189 00:14:37.600 --> 00:14:41.879 that this is becoming an issue. So so, when you think about the 190 00:14:41.960 --> 00:14:46.559 cybersecurity mindset, those are some of the interfaces Um that I see. That 191 00:14:46.720 --> 00:14:56.399 falls into automobile cybersecurity safety. But likewise, as technology grows, we're going 192 00:14:56.519 --> 00:15:01.000 to have more issues and hopefully, and hopefully, you know, the government 193 00:15:01.159 --> 00:15:05.759 is taking a scroll very strong stand on this now, because you don't want 194 00:15:05.759 --> 00:15:11.159 to wait until things start to be drastic in Dannie steppion and said, well, 195 00:15:11.200 --> 00:15:13.679 we need to come up with plans, policies and regulations. You know, 196 00:15:13.720 --> 00:15:18.480 it starts with the design of the vehicles. Yeah, and we were 197 00:15:18.519 --> 00:15:22.960 talking about before we went on the air about design Um, this balance of 198 00:15:22.639 --> 00:15:26.600 you know, what it's sold at the dealership. We mentioned kind of the 199 00:15:26.600 --> 00:15:31.919 on star. That's not really the your Automo, you know, GM or 200 00:15:31.919 --> 00:15:35.120 four doesn't Um build on star. That's a third party. We talked about 201 00:15:35.120 --> 00:15:39.080 the before, like the third party integration or these vendors, that these suppliers, 202 00:15:39.200 --> 00:15:43.080 right, and their security protocol. So in this case, in terms 203 00:15:43.120 --> 00:15:48.120 of cybersecurity and vehicle, the dealership, it may be a benefit which becomes 204 00:15:48.120 --> 00:15:52.799 a selling point. Right. You think about back in the day power windows 205 00:15:52.879 --> 00:15:56.200 was was the selling point in power steering, right. But Um, and 206 00:15:56.240 --> 00:16:00.440 so same thing with now installing security in your equal or all of these APPs 207 00:16:00.480 --> 00:16:04.879 and widgets. But you talked about technology as well. Um, at what 208 00:16:04.960 --> 00:16:07.480 point, you know it's gonna become outdated, just like they talked about the 209 00:16:07.519 --> 00:16:12.279 iphone four no longer gets updates. So at some point that your vehicle is 210 00:16:12.279 --> 00:16:15.840 going to be maintained by a third party, that O e. m right, 211 00:16:17.320 --> 00:16:22.279 as opposed to taking it back to the dealership. So you know who 212 00:16:22.360 --> 00:16:25.399 who's uh, you know, kind of you know, a bit of a 213 00:16:25.440 --> 00:16:30.600 blurred lines. Right, of as a consumer, where does the responsibility lie? 214 00:16:30.320 --> 00:16:37.120 Well, what a responsibility. It's going to rely in the planning process. 215 00:16:37.159 --> 00:16:41.799 Okay, I'm you know, I've always been a component to say that 216 00:16:42.240 --> 00:16:47.600 when it comes to the responsibility is to look at everybody that touches sobersecuity. 217 00:16:47.960 --> 00:16:52.480 Okay. Now, with that said, you know that has to be a 218 00:16:52.519 --> 00:16:56.399 planning process in place, because as of now, you and I having a 219 00:16:56.480 --> 00:17:03.000 discussion about this. So the second question goes, is it somebody in Congress 220 00:17:03.080 --> 00:17:07.200 or the Senate or somewhere else in the government and also, Um, you 221 00:17:07.200 --> 00:17:15.359 know, the car manufacturers and also uh, national traffic and safety, Um, 222 00:17:15.400 --> 00:17:19.920 elements of the government is having a discussion as well too, because those 223 00:17:19.920 --> 00:17:26.640 discussions leads leads into planning, right. Um. You know, one of 224 00:17:26.720 --> 00:17:30.240 the other facts that too is that that I speak about the design factor, 225 00:17:30.599 --> 00:17:36.200 because that's the core to resolve these cybecurity issues here. You know, it 226 00:17:36.240 --> 00:17:41.279 needs to be a standard and catch it on the front end. So you 227 00:17:41.319 --> 00:17:45.839 know when you have a standard in place that will force some of the automakers 228 00:17:47.240 --> 00:17:52.200 to design these cars, you know, with a government type of UH standard 229 00:17:52.240 --> 00:17:56.759 in place, you know, maybe the nist Um, looking at some of 230 00:17:56.799 --> 00:18:00.880 the I s oh standards out in place. Um, looking at some of 231 00:18:00.920 --> 00:18:06.440 the other type of technology and electrical type of systems that you have to have 232 00:18:06.559 --> 00:18:11.119 in place just to meet some sober security standards. Um. Now what I 233 00:18:11.160 --> 00:18:15.599 do imagine? Two is that that's gonna be a framework come out and you 234 00:18:15.640 --> 00:18:19.079 know that framework is gonna say, okay, these are the type of controls 235 00:18:19.160 --> 00:18:22.200 that you need to have in a place for your automobile, just like there 236 00:18:22.279 --> 00:18:29.039 are type of security controls that we have in place for the utility plans. 237 00:18:29.440 --> 00:18:34.359 Yeah, okay, you know, for the OTS systems. Now we establish 238 00:18:34.400 --> 00:18:41.000 a framework for automobiles, okay, and you know that needs to be one 239 00:18:41.079 --> 00:18:45.759 for voting machines as well, you know, because these are parts of industries 240 00:18:45.839 --> 00:18:52.400 that that have never been taught or to discuss in depth about before. Yes, 241 00:18:52.599 --> 00:18:56.400 you know, kind of protecting the consumer, which, uh, you 242 00:18:56.400 --> 00:19:00.039 know a lot of it's a Yiny Yang of big government take over and controlling 243 00:19:00.039 --> 00:19:06.079 and too much regulation. But that line of the consumer, if the consumer 244 00:19:06.119 --> 00:19:11.200 wins, the manufacturer or the UH, the company developing the product, they 245 00:19:11.240 --> 00:19:15.960 win because it gives them that competitive advantage. Right. So you think about 246 00:19:15.039 --> 00:19:19.440 like government Um Regulations on just the the US of the seat belt or the 247 00:19:19.440 --> 00:19:22.559 air bag. Right, we didn't always require an air bag in the vehicle, 248 00:19:22.680 --> 00:19:26.240 right, and so at some point there's gonna be those protocols in place 249 00:19:26.319 --> 00:19:30.440 that, okay, you have so much technology in your vehicle. We need 250 00:19:30.440 --> 00:19:33.200 to protect the consumer. Somebody has to step up and say, Um, 251 00:19:33.240 --> 00:19:37.640 you know, we're gonna not be reactive but, like we talked about, 252 00:19:37.640 --> 00:19:41.400 being proactive. Um, let's talk about from the hacker standpoint. You know 253 00:19:41.480 --> 00:19:45.759 that that weakest link. UH, there's a statement that, as an attacker, 254 00:19:45.799 --> 00:19:49.599 always will go after the weakest solution with the largest impact. Right. 255 00:19:49.720 --> 00:19:56.400 So, Um, have there been examples or any guesses of what, Um, 256 00:19:56.400 --> 00:20:02.039 where a hacker could break into you know, your uh, your devices 257 00:20:02.279 --> 00:20:07.519 through your vehicle? Yes, yes, they hackers. and Um, first 258 00:20:07.559 --> 00:20:11.400 of all, I was actually doing some research today and I find out that 259 00:20:11.519 --> 00:20:15.200 ransomware is one of the strongest pushes that hackers are doing, because if they 260 00:20:15.240 --> 00:20:21.599 can find a way to to actually get your private information from these vehicles, 261 00:20:22.720 --> 00:20:26.720 hackers can use that against you and maybe try to explore some ransomware or somewhere 262 00:20:26.799 --> 00:20:34.119 right now, now a vehicle and cybersecurity. It actually goes outside the bounds 263 00:20:34.240 --> 00:20:38.519 of causing destruction on the vehicle. It can be just as you use that 264 00:20:40.440 --> 00:20:45.119 easy as gathering information from these vehicles, especial private information. Let's say, 265 00:20:45.240 --> 00:20:49.000 for instance, you got the VN number and you know you can get that 266 00:20:49.039 --> 00:20:53.880 information, then then you can track that back to the owner and so forth, 267 00:20:55.039 --> 00:20:59.279 and maybe you can do something to the on started system where it forces 268 00:20:59.359 --> 00:21:03.200 that car to stop or something like that. Right, and then the owner 269 00:21:03.240 --> 00:21:07.359 may have to give up some money, you know, through ransomware or something 270 00:21:07.400 --> 00:21:11.640 like that. Right. So, so we can really look at a vehicle 271 00:21:11.960 --> 00:21:18.839 and say that it can be the mediator between and hacking it incident. Right, 272 00:21:18.039 --> 00:21:23.640 okay, because a hacker may not want to hack a vehicle. But 273 00:21:23.720 --> 00:21:29.640 what if that vehicle is the mediator though? Right, okay. So so 274 00:21:29.720 --> 00:21:33.480 it's like saying, okay, then this is the this is the core to 275 00:21:33.599 --> 00:21:37.119 the piece of K kill, right, right, okay. So, so 276 00:21:37.200 --> 00:21:38.599 if I get through the vehicle, then I can sit there and I can 277 00:21:38.640 --> 00:21:45.119 cause all type of arms because I can get private information and I can disrupt 278 00:21:45.119 --> 00:21:49.279 the unstared system or whatever, and I can find that data and I can 279 00:21:49.319 --> 00:21:52.440 force someone to give me some money, because if they don't give me no 280 00:21:52.519 --> 00:21:56.960 money, then I'm gonna lock their computer up. Right. So so if 281 00:21:56.960 --> 00:22:03.319 you think about those type of issues and how sobersecurity operate, because you know 282 00:22:03.400 --> 00:22:08.279 there is a chain reaction Um. That could be one of the errors to 283 00:22:08.519 --> 00:22:14.319 that could force things. So it's so so, to sum it up, 284 00:22:14.759 --> 00:22:21.079 ransomware, you know, your data privacy, probably two of the Um strongest 285 00:22:21.119 --> 00:22:26.160 issues that I think that is happening to um through like the automobile industry. 286 00:22:26.200 --> 00:22:30.119 Now, all right, let me let me share it. Kind of we're 287 00:22:30.119 --> 00:22:32.680 getting ready to close things up here, but let me share this statement I 288 00:22:32.680 --> 00:22:36.240 found online. I interested in your opinion on this. Um So, I 289 00:22:36.240 --> 00:22:40.039 found this kind of top ten lists on number nine on the list here, 290 00:22:40.119 --> 00:22:44.160 right, is talking about one of the topics we're talking about was privacy laws. 291 00:22:44.640 --> 00:22:47.359 Um. So I'll just kind of read a little bit and and get 292 00:22:47.400 --> 00:22:49.039 your thoughts on this. So many it says that many countries or regions have 293 00:22:49.079 --> 00:22:55.480 different laws about collecting what's called P I, I. Private personally identify information, 294 00:22:55.920 --> 00:22:59.279 just what you were talking about, to the ideas to protect and consumer 295 00:22:59.359 --> 00:23:03.519 privacy. But the risk is that that might hamper hybrid, uh, cybersecurity. 296 00:23:03.599 --> 00:23:07.440 Right. So you're kind of putting roadblocks, no pun intended in there, 297 00:23:07.559 --> 00:23:11.119 right, but uh, you know. So in essence, could be 298 00:23:11.160 --> 00:23:17.519 revealed is what vehicles hacked where. Um, you know, it could identify 299 00:23:17.559 --> 00:23:21.039 the consumers in a location, but you know, the consumers say, well, 300 00:23:21.079 --> 00:23:22.799 that's private information. I mean, like a lot of we, you've 301 00:23:22.880 --> 00:23:26.799 had another episode about social media. Right, who's controlling that data? Right, 302 00:23:26.839 --> 00:23:30.039 and so you're releasing it, uh, in good faith as a consumer. 303 00:23:30.640 --> 00:23:33.640 But then sometimes the government wants to step in. Well, this is 304 00:23:33.720 --> 00:23:37.200 national security, right, we need access to the information. So where, 305 00:23:37.240 --> 00:23:40.880 you know, where do you think we're gonna end up? You know, 306 00:23:40.960 --> 00:23:45.920 landing on this Um of the balance? And then they talk about some international 307 00:23:45.200 --> 00:23:49.200 uh, you know, some countries are other governments don't even allow that information 308 00:23:49.200 --> 00:23:52.119 to be shared outside the country. So, I mean, what are your 309 00:23:52.680 --> 00:23:57.519 what are your thoughts on, you know, the cost benefit analysis of that? 310 00:23:57.720 --> 00:24:02.640 Well, well, it's gonna go the same process as with any other 311 00:24:02.680 --> 00:24:10.559 type of privacy regulations and privacy Um discussion. Now, now, now that 312 00:24:10.640 --> 00:24:15.759 particular discussion is pretty much going to say, okay, here's the government standard 313 00:24:15.799 --> 00:24:21.240 here and here's a and here is a consumer that's saying that I want to 314 00:24:22.000 --> 00:24:25.720 I really don't think you need to have my information. Then then on the 315 00:24:25.720 --> 00:24:30.839 other side, well, you have the car manufacturers there, because they have 316 00:24:30.960 --> 00:24:33.519 a system where they when they keep track of who actually bought the vehicle and 317 00:24:33.519 --> 00:24:38.480 win. Right. Now, you know part of it is to have balance, 318 00:24:38.720 --> 00:24:42.599 all right, is to increase protection into lower risk. I think that. 319 00:24:45.039 --> 00:24:48.400 I think that when they kind of come to privacy itself, you know, 320 00:24:48.440 --> 00:24:53.039 the most important factor is to make sure that the information is safeguarded and 321 00:24:53.079 --> 00:24:57.759 that is protected and that it is only only only used for it, for 322 00:24:57.960 --> 00:25:03.480 the intended purpose. This is what the consumers have a problem because you're saying, 323 00:25:03.559 --> 00:25:07.720 okay, you get out on this data, but you don't tell me 324 00:25:07.799 --> 00:25:11.799 how you use this day. Because, see, we have policies and regulations 325 00:25:11.839 --> 00:25:15.160 that are written, but at the end of the day, once somebody gets 326 00:25:15.160 --> 00:25:22.039 the data, they are supposed to use that data for an intended reason. 327 00:25:22.720 --> 00:25:26.000 Okay, and and trust, trust that the the private sector, of the 328 00:25:26.039 --> 00:25:30.039 public sector, is going to honor that trust. Trade. Yeah, because 329 00:25:30.200 --> 00:25:33.079 only designated people is supposed to have access to that data. Now, now 330 00:25:33.160 --> 00:25:36.960 we don't know what happens inside of a building over there. You don't know 331 00:25:37.160 --> 00:25:41.720 who is who is who is seeing the data. Okay, so, so, 332 00:25:41.720 --> 00:25:45.960 so it's always going to be a struggle. But at the end of 333 00:25:45.000 --> 00:25:51.799 the day, Um, the idea is to drive data protection and to have 334 00:25:51.920 --> 00:25:56.160 laws in place, and I believe that it's gonna get better as time progress, 335 00:25:56.240 --> 00:26:02.279 because this is a like a junior type of discussion that's going on about 336 00:26:02.319 --> 00:26:07.279 automobiles. But I would not want just to rise to a level where where 337 00:26:07.319 --> 00:26:11.359 it becomes a senior discussion. I call it a senior type of discussion because 338 00:26:11.400 --> 00:26:15.960 it's rised up to chain and it and it has become very important now. 339 00:26:17.119 --> 00:26:23.240 Right, okay, you know, for for Cybersecurities, but between the public 340 00:26:23.279 --> 00:26:27.559 and the private sector and your automobile industry. Um, you know that needs 341 00:26:27.599 --> 00:26:32.279 to be a discussion happening. And speaking of discussions, one of the articles 342 00:26:32.279 --> 00:26:37.480 you share with me earlier today I found fascinating that it had an entire Um 343 00:26:37.799 --> 00:26:44.880 timeline of this topic of cybersecurity and hacking and vehicles and transportation, and it 344 00:26:44.960 --> 00:26:48.240 goes back to it sounds crazy, but one of the first articles was referenced 345 00:26:48.519 --> 00:26:53.039 in two thousand and two how to hack your car on Forbes. Right. 346 00:26:53.400 --> 00:26:56.640 I mean that's staggering because we think, oh, this is the last couple 347 00:26:56.640 --> 00:27:03.160 of years. So this topic has been um in the you know, uh, 348 00:27:03.240 --> 00:27:07.759 on people's minds for going back that long. Um, another thought I 349 00:27:07.799 --> 00:27:10.000 had, and we probably don't have time to kind of dive into this, 350 00:27:10.039 --> 00:27:14.160 but we think about that personal vehicle. But ride sharing, those ride sharing 351 00:27:14.240 --> 00:27:18.720 vehicles, we get it. Those are being monitor right, so we know 352 00:27:18.920 --> 00:27:22.319 where those people are going. Uh, you know, the point a to 353 00:27:22.400 --> 00:27:25.759 point be everywhere in between. So it's just the world we live in. 354 00:27:25.920 --> 00:27:30.559 So I think, uh, I'll turn things over to you to kind of 355 00:27:30.599 --> 00:27:33.079 close out the show, you know, if you can give us some kind 356 00:27:33.079 --> 00:27:36.519 of positive uh notes, or I think you're in a reference of like. 357 00:27:36.880 --> 00:27:40.960 Again, it's really on the individual to be uh, that awareness right and 358 00:27:41.200 --> 00:27:42.920 close with that and then how people would get in touch with you. Well, 359 00:27:44.160 --> 00:27:48.160 what I what I'll tell you is, when it comes to technology, 360 00:27:48.240 --> 00:27:52.640 it is it, it's you know, it needs to be some some type 361 00:27:52.680 --> 00:27:56.279 of controls in place in the cars and whatever. If you are an individual, 362 00:27:56.440 --> 00:28:00.880 here's the only way that I think that you can dry protection. Number 363 00:28:00.920 --> 00:28:06.640 One, if you have remote keys that you use for your vehicles, Um, 364 00:28:06.839 --> 00:28:11.440 make sure that you don't share them seclists when you go places. And 365 00:28:11.480 --> 00:28:15.559 if you have a if you have a remote key, make sure you keep 366 00:28:15.599 --> 00:28:18.200 your head in your pocket, in your pocketbook or whatever, because I'm seeing 367 00:28:18.200 --> 00:28:22.440 people that put the keys down on the table right then they then they said, 368 00:28:22.480 --> 00:28:26.400 Oh yeah, you know I'll be back. You know, and and 369 00:28:26.400 --> 00:28:29.720 and you know, you can you, you know, you can find ways 370 00:28:29.720 --> 00:28:33.359 to Cyper, to Cyper the codes for those vehicles. Okay. Secondly is 371 00:28:33.400 --> 00:28:37.599 that, Um, don't share your vehicle. Yeah, I mean on the 372 00:28:37.640 --> 00:28:41.720 designated people should be driving. Should be driving your vehicles. Um, I 373 00:28:41.759 --> 00:28:47.359 know for me when I go places, I really don't like to do valet 374 00:28:47.400 --> 00:28:51.640 parking because when I see somebody else, they're driving my car and listen and 375 00:28:51.680 --> 00:28:56.920 listen to my great music. Okay, I can't get real personal. Yeah, 376 00:28:56.000 --> 00:28:59.680 yeah, yeah, yeah, you know, I don't like that. 377 00:28:59.759 --> 00:29:03.759 So I try not to valuate part. But but I think, as a 378 00:29:03.799 --> 00:29:07.319 consumer, I think that what you can do is that, before you purchase 379 00:29:07.400 --> 00:29:12.079 a vehicle, asked the manufacturer, Um, you know, about the type 380 00:29:12.079 --> 00:29:17.000 of features that they have on these vehicles. You know, tell slow is 381 00:29:17.079 --> 00:29:18.920 growing. Yeah, okay, I think they're taking the lead in this, 382 00:29:19.079 --> 00:29:22.839 in this subject, in this topic. Right, yeah, yeah, so, 383 00:29:22.839 --> 00:29:26.680 so, so you want to really check check out the vehicle. But 384 00:29:26.559 --> 00:29:33.079 they are minimum type of technologies in these vehicles now, but in the future 385 00:29:33.759 --> 00:29:37.200 they would have more technologies in these vehicles and I would and I would think 386 00:29:37.240 --> 00:29:41.279 that it's going to be a larger discussion. But you know, it needs 387 00:29:41.319 --> 00:29:45.119 to be a discussion now. So, speaking of discussions, how would people 388 00:29:45.519 --> 00:29:48.079 reach out to you to, uh, for a deeper dive on this topic? 389 00:29:48.279 --> 00:29:52.359 Okay, then, for a deeper dive on this topic, you can 390 00:29:52.559 --> 00:29:56.680 go to my youtube channel and you can always find me on youtube. If 391 00:29:56.680 --> 00:30:03.279 you type in the word chief of for Cybersecurity, Dwayne Heart, you will 392 00:30:03.319 --> 00:30:07.559 go find me on Youtube. If you go to www dot dwayne heart dot 393 00:30:07.599 --> 00:30:14.240 com, which is my website for my book called the Tyber executed mindset, 394 00:30:14.279 --> 00:30:17.880 you can go find me there. Last well, not least, linkedin. 395 00:30:18.440 --> 00:30:19.920 You know, you'll go and find me there as well too. Or if 396 00:30:19.960 --> 00:30:22.599 you just one of the the person that want to do a google search, 397 00:30:22.720 --> 00:30:26.319 you just go out there Google and you take my name and and it'll come 398 00:30:26.400 --> 00:30:30.839 up, and so so you'll find me and, you know, just kind 399 00:30:30.839 --> 00:30:34.400 of reach out to me and U and, you know, just have a 400 00:30:34.480 --> 00:30:38.400 cybersecurity discussion. All right. Well, that's a good note to end on. 401 00:30:38.480 --> 00:30:44.039 So we'll see you next time again the book, the podcast, the 402 00:30:44.119 --> 00:30:47.200 live stream, dwayne heart dot com, and we'll see you next time. 403 00:30:47.240 --> 00:31:00.240 Take care. Thank you. All right. Eight
Previous Episode
Next Episode

Other Episodes

Episode

October 17, 2022 00:31:06
Episode Cover

How To Transition Cybersecurity Awareness Month Into A Common Practice

Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as...

Listen

Episode

September 20, 2021 00:30:47
Episode Cover

Cybersecurity Mindset

This podcast session brings into existence of how having a cybersecurity mindset resolves industry problems by being cyber-focused. It provides a chance for listeners...

Listen

Episode 11

November 14, 2023 00:23:48
Episode Cover

Mastering The Cybersecurity Mindset Part 1 - Utilize Readiness Concepts to Operate Programs

Do you know what's on your network? That's a serious question that many cannot answer. When invoking "The Cybersecurity Mindset," the reader can relate...

Listen