The Cyber Review: SolarWinds Hack Update, Connected Cars and Cybersecurity

February 18, 2021
Written by Farah

1. Connected cars pose cybersecurity risks not all Canada’s auto parts suppliers see, report says

A new report by the Automotive Parts Manufacturers’ Association’s (APMA) Institute of Automotive Cybersecurity (apmaIAC) and KPMG in Canada found that 42% of Canadian auto parts manufacturers recognize that today’s vehicles that are smart equipped are threats for cybersecurity issues.

Security, safety, and privacy are important for today’s vehicles because they are connected with smartphones and wifi, but many manufacturers have yet to figure out how to work around these factors to ensure cybersecurity safety.

“The reality is that now, more than at any other time in manufacturing, companies must safeguard their products, operations, and systems no matter the type of components, parts, systems, and assemblies they produce,” said Flavio Volpe, president, APMA.

2. What the SolarWinds Hack Tells Us About the State of Cybersecurity

The SolarWinds hack was a big and sophisticated one that started in March and became public in December. Microsoft president Brad Smith said Microsoft has assigned 500 engineers to investigate the attack. What’s important to take away from the attack is how vulnerable organizations are because a full proof cybersecurity system required training, intelligence, softwares, and experts available all the time, but also a secure vendor. “As companies’ supply chains get more complicated and they deploy more IoT to manage their buildings and processes, the attack surface is growing and growing.” No matter how big and “secure” an organization is, there are threats everywhere

3. The Uncertainty of Cybersecurity Hiring

56% of businesses said that the cybersecurity talent shortage is putting their business at risk. Not only does the cybersecurity skills gap needs to be bridged, the challenge of getting more women and minorities in the field still remains. Workers often lack the chance for promotions and higher pay, suffer from high stress and lack support from managers. One possibility is to hire cybersecurity talent from anywhere in the world and offer better benefits than companies in their residence country would offer. Two points to keep in mind: hiring talent and retaining them. Offering opportunities for growth, learning new skills, and moving up the ladder is important for cybersecurity workers.