Capgemini debut automotive security solution

Consulting and outsourcing giants Capgemini have pledged to enhance the security of connected vehicles, vehicle manufacturing plants and enterprise IT systems of automotive brands.

The offering combines the specialist expertise of the Group’s global automotive, cyber security and consultancy teams, including its wholly-owned subsidiary Sogeti, along with its worldwide network of Security Operations Centers. It provides a comprehensive offer for car manufacturers and suppliers to help prevent, detect and respond to possible cyber security threats.

Kai Grambow, Global Head of Automotive at Capgemini said: “Everyone working for a car company has now realised how important cyber security is, from those on the shop floor right the way to the CEO. Failure to prevent an attack could mean mass recalls, lost revenue, regulatory fines and even risks to customer safety. Much of the focus to date has been on safeguarding IT systems, which is difficult enough, but as automotive brands are increasingly working with connected ‘things’ like factory robots and millions of connected car parts the complexity of staying secure is mind-boggling.”

Unique Security Challenge

The launch comes at a time when the automotive industry faces an unprecedented and unique cyber security challenge. As cars are becoming more advanced and increasingly connected, they are built with hundreds of sensors and many onboard individual computers controlling everything from steering to the headlights. Together they expose a multitude of entry points for hackers to gain access and control. It is not just the car that is vulnerable. With automotive manufacturing plants now increasingly connected there are potential targets too.

Mike Turner, Global cybersecurity Chief Operating Officer at Capgemini said: “At Capgemini, we have considerable experience in helping our clients to secure connected devices and their operational infrastructure. We see this new offer bringing the full power of our Cybersecurity capabilities to help our automotive clients secure their business.”

The new offer supports manufacturers and suppliers looking to minimise cybersecurity risks for the connected car, as well as in manufacturing plants and across enterprise IT systems. It includes:

  • Assessment of security within and around the manufacturing plant, including critical subsystems, and the car itself, which include the vulnerability of service providers and external connections, such as Wi-Fi or Bluetooth. Penetration testing to provide additional specialist insight into vulnerabilities across the car and plant, and to assess the success of a strategy and its implementation
  • Designing a strategy for securing every aspect of the vehicle, from electronic control units1, buses and external connectivity to the governance processes around each of them, enabling a manufacturer and its suppliers to address end-to-end security steps
  • Implementation of security measures and remedial actions. This includes consulting and training on secure software development good practice, and operational implementation in the software development lifecycle

It also gives organisations access to Capgemini’s network of Security Operations Centers worldwide as well as SOCs that offer specific monitoring of vehicle and manufacturing events. These are staffed by teams of specialists and can act as a dedicated or shared team to an OEM or supplier. The offer significantly reduces the need for automotive companies to invest time, resources and budget in developing and building their own SOCs.

The automotive cybersecurity offering sits alongside a suite of automotive services hosted by Capgemini’s automotive specialists.