Connected Business Technology Why OEMs should invest in connected vehicle services with VSOC capabilities October 1st, 2024 Connected vehicles present new business models and revenue streams for OEMs. At the same time, the digital landscape is growing ever more complex, and automotive cybersecurity legislation is getting both stricter and increasingly heterogeneous. So, how can OEMs invest most wisely in automotive cybersecurity? Connected vehicle services with VSOC capabilities provide both reliability and flexibility for automakers as they build and maintain new products and services. What is a VSOC, and what does it do? As vehicles become increasingly connected and autonomous, they require a strong and complex cybersecurity infrastructure. Cybersecurity threats must be promptly and reliably monitored, detected, and managed. This is often achieved through a Vehicle Security Operations Center (VSOC), a security system dedicated to monitoring and protecting connected vehicles from these threats. Regulations, such as UNR 155, require OEMs to take critical and appropriate cybersecurity measures in order to respond to digital threats. VSOCs are an essential part of the remediation to these requirements. Building and maintaining a VSOC is intuitively perceived as the most attractive option from an OEM’s point of view. However, doing so will require significant resources and constant innovation, while not necessarily being the most efficient method for ensuring automotive cybersecurity. How do connected vehicle services with VSOC capabilities benefit OEMs? Connected vehicle services with VSOC capabilities are digital services that come with key cybersecurity features. From WirelessCar’s perspective, that means that we can integrate VSOC capabilities into our products and services. This allows OEMs to comply with UNR 155 and similar legal requirements and strengthens their security posture. Additionally, they gain access to threat detection and response solutions, allowing automakers to focus on innovation and business growth without the complexities of having to manage these systems in-house. Among our VSOC capabilities are real-time service monitoring, CTI (Cybersecurity Threat Intelligence), threat detection and response, incident management, and reporting analytics. OEMs can choose as to whether they want us to respond to threats or incidents, or if we should forward the information to the OEM’s own VSOC. Some OEMs opt for a fully managed VSOC service, while others prefer a more tailored approach, where they receive assistance with specific operational tasks. An OEM might say: We already have an intrusion detection system, and we need someone to monitor and respond to threats and incidents for us. VSOC strategies will vary, depending on the OEM's capabilities and preferences. An OEM might adopt one of several approaches to a shared responsibility model. For instance: Monitor everything internally: The OEM handles all aspects of monitoring, analysis, and response within its organization. Partner-monitored, internal analysis and response: While monitoring is outsourced to a partner, the OEM conducts its own analyses and handles responses. Collaborative partnership: The OEM and its business partner work together on specific aspects of monitoring, analysis, and/or response. Why OEMs should partner up on connected vehicle service development At the end of the day, we all want to be cybersecure, and comply with the latest legislation and regulations. The best way for OEMs to not only achieve that, but also stay innovative and knowledgeable, is to collaborate with a connected vehicle service developer, such as WirelessCar. Here are five reasons why partnering on connected vehicle service development is a good strategy for OEMs, from a VSOC perspective. 1. Gaining critical knowledge A common misconception among OEMs is that their security departments can handle most VSOC-related matters. What OEMs require, however, is in-depth knowledge of how connected vehicles operate, and how such vehicles communicate with their connected clouds. OEMs will need dedicated resources and specific automotive cybersecurity expertise. Partnerships help provide OEMs with that knowledge. 2. Investing resources wisely Acquiring expertise in this vast, and constantly changing field takes time, experience, and resources. As such, very few OEMs choose to do this work all on their own. Partnering with a connected vehicle service developer will make the learning and development processes much faster and more cost-efficient. The OEM can then allocate its resources to more brand-specific, customer-oriented products and services as well. 3. Tailoring products and services As outlined above, connected vehicle services with VSOC capabilities can be tailored to better suit a particular OEM strategy or business model. By developing these services along with a partner – or buying specific services from them – the OEM can devote its time to matters other than threat monitoring and analysis, for example. 4. Experience makes a significant difference Having an experienced business partner monitoring and analyzing cybersecurity threats is a great benefit to any OEM. As for WirelessCar, we have been working with digital services for connected vehicles for 25 years. Our products and services are cybersecure by design, ensuring reliable digital business operations for automakers. 5. Partnerships improve preparedness How can we prevent cybersecurity threats from doing actual damage? Well, collaboration is a key part of the puzzle. By working with many OEMs, in over a hundred countries, WirelessCar’s expertise provides proactive monitoring, detection and response to threats. As a result, we gain insights that can be of benefit to all OEMs, and that help us develop new products with high standards of security. What can we expect of VSOC technology in the future? The increased use of artificial intelligence will allow for enhanced threat detection and better automated responses. Connected fleets generate a lot of alerts, therefore requiring VSOC teams to know which to act upon, and how. Analysts can then focus primarily on the most complex threats. This is an area where far-edge artificial intelligence can prove especially useful. By having far-edge computing capabilities in connected vehicles, those vehicles will be able to better detect and react to threats. They could respond to many potential threats without having to send runtime data to the backend for analysis, thereby saving connection resources. This makes the OEM’s end-to-end automotive cybersecurity infrastructure more efficient, including from a cost perspective. WirelessCar currently utilizes different artificial intelligence mechanisms to reduce false positive rates and increase detection of true positives. If you have questions on this topic, you can contact me via the email address below. You can also find lots of related articles here on our WirelessCar Insights Blog, on topics such as automotive cybersecurity, data privacy, cybersecurity threat intelligence, machine learning, and UNR 155 and ISO/SAE 21434. Omar Abu Nabah Cybersecurity Specialist Contact