DETROIT -- Risk management for autonomous and connected-vehicle cybersecurity requires public-private cooperation and partnerships, panelists said Friday at the second Billington Global Automotive Cybersecurity Summit.
"We need robust risk management processes and a cybersecurity culture" that works to identify vulnerabilities and risks, said Heidi King, deputy administrator of NHTSA. "It's about anticipating the unexpected and being ready."
King also emphasized the need for public perception of autonomy and connected-vehicle technology to be comparable to domestic technologies in which the public already places trust. To do this, King said cooperation between the government and private sector is critical, especially when it comes to reinforcing a culture that invests in threat management.
Public mistrust, she said, could delay deployment of safer connected-vehicle technologies.
"Public confidence is key to technology deployment," King said.
Michael Chertoff, former U.S. secretary of homeland security, discussed the growing need for initiating conversations about cybersecurity throughout the industry.
"Issues of safety and security are hardly new to the automotive industry," Chertoff said. "As we think about those analog safety improvements and security improvements, we're going to need to think about these from the area of cyber."
Chertoff wondered whether the design required to meet new cybersecurity threats would be able to evolve in a competitive industry marketplace.
"The complexity not just of the suppliers but of the entire ecosystem that supports automobiles" needs to be considered, Chertoff said. "As we have autonomous vehicles and smarter and smarter vehicles, the challenges of security will multiply."
Along with issues of development, the implications of the data in question will also need to be addressed, Chertoff said. He cited the potential for incidents of terrorism with autonomous and connected vehicle technology.
"We need to consider how we use the data responsibly but also show people that it's not going to be marketed to others or transmitted to people who use it in ways we don't expect," Chertoff said. "One of the weapons of choice now for terrorists is the automobile or the truck."
Chertoff also stressed the role of the federal government in cybersecurity and risk management.
"Most of the infrastructure is in the private sector's hands," Chertoff said. "The only way the government can actually protect the private sector is with the cooperation of the private sector."
General Motors President Dan Ammann echoed similar sentiments. Ammann highlighted the impact autonomous vehicles can have -- as long as cybersecurity becomes part of early design stages.
"We must as an industry work together to prevent security breaches and fight bad actors," Ammann said. "We are designing against a rapidly evolving threat."
Ammann stressed the need to invest in fostering talent, as the industry faces a shortage in engineers.
"The talent shortage on the front lines of the cybersecurity wars is real," Ammann said. "The need to grow our engineering and technical talent applies directly to the cybersecurity field."
Ammann also told Automotive News that GM will continue to "be engaged heavily" in discussions regarding changes in fuel efficiency standards by the Trump administration.
You can reach Alexa St. John at astjohn@crain.com