Fifty percent of drivers surveyed across the UK and Germany by Veracode and IDC are concerned about the security of connected cars’ driver-aid applications such as adaptive cruise control, self-parking and collision avoidance systems, reflecting an equal level of concern with the safety of the whole vehicle. IDC predicts a security lag of up to three years before vehicles’ systems catch up with cyber threats.

IDC’s research and interviews with major automobile manufacturers found that:

• Driver-downloaded applications pose a security challenge. When drivers add applications that were not developed by the manufacturer, the vehicle is exposed a whole new range of potential attacks and vulnerabilities.
• 87 percent of drivers polled believe all aspects of safety – including applications’ resiliency to a cyberattack – rests with the manufacturer, regardless of whether the in-car application was developed by the car manufacturer or not.
• Manufacturers do not feel they need to worry about drivers’ data privacy, but 46 percent of drivers are concerned over this issue, particularly as applications continue to integrate. If, for example, a navigation system is developed to locate, reserve and pay for parking automatically, the potential for credit card data to be at risk arises.