IT security for automotive suppliers: Minimizing cyber risks with foresight
Suppliers to the automotive industry are permanently in the sights of attackers. Because they are so closely intertwined with manufacturers, they are seen as easy targets with great influence on the supply chain. A disruption in operations, an interruption in production or a shutdown can have devastating effects and are ideal leverage for ransomware. It is therefore essential for companies to continuously monitor the security of their IT systems to ensure sustained high levels of protection. In addition, it is important to identify and alert business partners to potential risks at an early stage.
LocateRisk's IT security analyses and monitoring provide the necessary transparency in the ecosystem and enable accelerated minimization of attack surfaces. You can easily track the progress of security activities and prove the respective status to third parties.
IT security from an external perspective: automotive suppliers in Germany
The structural change in the automotive industry is gaining momentum. Electromobility, car sharing, connected vehicles and autonomous driving are megatrends that are increasingly enriching our everyday mobile lives. However, the networking that goes hand in hand with this - be it user interfaces, cars, production routes or supply chains - harbors considerable risks. Espionage, sabotage, data theft and ransomware pose new challenges for manufacturers as well as component and system suppliers, as they require a holistic IT security approach. The importance attached to cybersecurity in this industry is confirmed by internationally valid UNECE regulations and the industry-specific adaptation of ISO standard 27001 by the TISAX standard for information security in the automotive sector.
Despite recognizable progress, there is still room for improvement
Our analysis of 252 automotive suppliers showed that there has been visible progress with regard to software updates and the accessibility of system interfaces. However, there is still a clear need for action with regard to the security of data transmission. Data collection was done by gathering and processing information from publicly available sources.
The results in detail
Protected mail dispatch
Fifty-two percent of the major cities checked sent email partially unprotected (without an SPF record), making it easier for attackers to launch spam and phishing attacks through mail forgery.
Accessibility of the system interfaces
The fact that not all database systems belonging to the company were adequately protected against cyber attacks was revealed by 41 percent. Unsecured systems that can be accessed from outside make it easier for hackers to gain access to sensitive data.
Data transmission security
87 percent allowed data transmission with outdated transport encryption, which encourages data theft.
At least one application with a potential security vulnerability of high criticality was found in 29 percent. Applications with missing security updates are a welcome gateway for attackers.
45 percent of major cities used tracking cookies without user permission. In these cases, warnings and fines can threaten.
Gain insight into your organization's external IT attack surface
IT managers do their best to ensure the IT security of their systems. But how can the current status of IT security performance be continuously proven? With LocateRisk's IT security analysis, it's quick and easy. See for yourself: Interested organizations can receive a security assessment of their IT landscape including a 30-minute insight into the detailed analysis free of charge at: Tel. 06151 6290246 or e-mail to: em@LocateRisk.com
Request your personal Live-Demo now
Identify and reduce your cyber risks through a comparable and understandable overview of your IT security. Let our experts advise you and find out how LocateRisk can help you solve your cyber risks.
Learn more, book a demo, or just have a quick chat? Alex is happy to help!
Your personal consultantAlexander FeldmannConsulting
+49 6151 6290246Get in touch now