The Threat From Within: Automotive Ramps Up Cybersecurity But Must Understand Hiring Better

The Threat From Within: Automotive Ramps Up Cybersecurity But Must Understand Hiring Better

A storm is brewing. Legislators around the world have rightfully begun to protect the public from international, cybersecurity threats via explicit regulations and mandated certifications. Organizations like the United Nations Economic Commission for Europe have established operational requirements that mandate manufacturers sufficiently detect, protect and update products against ongoing threats well after sale of the car or face the inability to sell that vehicle in regions around the world. Billons of dollars of revenue. And looming deadlines that ramp-up from 2022 to 2024 as the final ISO standard has not even been released yet. This has ignited a hiring frenzy with the automotive sector for cybersecurity expertise for everything to upfront design to penetration testing to incident response. Those resources are typically hired in one of three ways: 1) staff augmentation companies with low-cost, typically-offshored heads usually without strong expertise, 2) consulting companies with higher-cost experts equating to a worthwhile, temporary shoring but not a long-term solution or 3) long-term, full-time, medium-cost, dedicated employees that are devoted to the brand's success. The latter is suddenly in very-short supply, especially with the desired automotive embedded-design experience. So posting, pilfering and pillaging has ensued with completion dates getting accidentally snowplowed further into