The market for cybersecurity services as it pertains to autonomous and non-autonomous vehicles is growing.
According to Allied Market Research, the estimated industry size of cybersecurity for the autonomous vehicles market was valued at $356.0 million in 2023 and is projected to reach $2330.2 million by 2032, growing at a compound annual growth rate (CAGR) of nearly 23 percent from 2024 to 2032.
Allied Market Research states: “The future opportunities of cybersecurity for autonomous vehicles are vast and critical to the advancement and widespread adoption of this technology. One key opportunity lies in the development of advanced artificial intelligence (AI) and machine learning algorithms that can proactively detect and mitigate cyber threats in real-time.”
There is also a market for cybersecurity in non-autonomous cars and trucks, which are increasingly connected.
CISA weighs in
The Cybersecurity and Infrastructure Security Agency (CISA) lays out the groundwork for vehicle cybersecurity:
“As the automotive industry continues to evolve, today’s vehicles are increasingly part of connected systems that will change and improve the movement of people and goods within communities and nationwide. Trucking, mass transit, and last-mile delivery services are among the first to adopt this advanced technology, and multiple states are conducting pilots to ensure their safe integration. However, while autonomous ground vehicle technology offers benefits to organizations and communities, there are also potential threats to organizations, people, and assets.”
CISA has a guide for cybersecurity and safety when it comes to managing fleets. Meanwhile, experts also point out the dangers – and opportunities – for managed service providers (MSPs) when it comes to keeping connected fleets safe.
Vehicle connectivity creates opportunity for MSPs
Bob Bilbruck, CEO of business services company Captjur and a connected car expert, offers up some thoughts on how MSPs can take advantage of the growth in cybersecurity opportunities that vehicles offer.
Bilbruck points out that connected vehicles rely on a vast network of communication systems, sensors, and software to ensure safe and efficient operations. “However, these vehicles also face unique cybersecurity threats due to their increased connectivity,” he says. “This is where MSPs come in.”
“MSPs play key roles in protecting these vehicles from cyberthreats,” Bilbruck explains, offering some steps that can be taken for MSPs that have clients with fleets.
- Provide ongoing monitoring and testing services. Identifying vulnerabilities in a vehicle’s software, hardware, and network connections is essential for protecting vehicle fleets.
- Secure software development and updates. Automating vehicle software updates enables manufacturers and fleets to manage secure patching. This prevents attackers from exploiting outdated systems.
- Establish strong authentication and encryption: Assisting fleet operators and manufacturers in implementing encryption across all communication channels—including remote diagnostics, telematics, and cloud infrastructure—protects sensitive data and prevents man-in-the-middle attacks.
Key cybersecurity strategies
Bilbruck also recommends that MSPs offer Incident Response and Recovery plans, such as managed detection and response (MDR) services that quickly identify and mitigate any cyberattacks on connected vehicle systems.
“MSPs should also support their clients in implementing backup and disaster recovery strategies for critical vehicle data,” he says, adding. “It’s important that MSPs double down on threat intelligence sharing by providing these services to automotive clients, including monitoring for new types of or attack techniques that target connected vehicles.”
Helping automakers and infrastructure providers implement secure V2X systems that include both encryption and authentication, is another way MSPs can help their customers avoid unauthorized access to vehicular communication networks.
As Bilbruck explains, vehicles are not immune to the same supply chain risks everyone else faces. “MSPs should assist automotive companies with managing supply chain risks, helping them ensure that all third-party services, components, and software meet high cybersecurity standards before being integrated into vehicles.”
Bilbruck says education is another MSP tool for fleet safety. “Provide cybersecurity training for fleet operators, manufacturers, and users of connected vehicles to help them understand the risks and how to protect against them,” he shares.
Supply chain risks increase complexity
Joe Saunders, CEO and RunSafe Security emphasizes that MSPs must also consider the supply chain risks that vehicles face when helping their customers improve fleet security and safety.
“The supply chain is complex. Scanning code and understanding software composition are good places to start, but have limitations,” Saunders says, adding, “Though you can get up to 80 percent of the details analyzing the software binaries, you likely will miss vulnerabilities and code changes originating from the supply chain.”
Saunders believes the U.S. needs to collaborate with Congress to create an overarching strategy to set regulations detailing what the nation should expect with cybersecurity in critical infrastructure. This could include security-related regulations mandated within federal government procurement processes, extensive software and hardware supply chain security strategies, and security capabilities built into the hardware and software of connected vehicles.
Whatever the route, MSPs have an increasing opportunity on wheels.
Photo: wr7 / Shutterstock
This post originally appeared on Smarter MSP.