As vehicles, production systems and supply chains become more interconnected, Bodo Philipp details why cybersecurity is now central to operational resilience, and the need to embed it across engineering, manufacturing and organisational culture to enable confident, secure transformation.
The automotive industry has been talking about digital transformation for years, but the reality we’re living through now has taken things to a different level. A modern car contains layer upon layer of software. Plants run on networks of sensors and controllers that rarely sleep. And suppliers — hundreds of them, in some cases — exchange data constantly just to keep programmes on track. It’s a remarkable system when you stand back and look at it. But the more integrated and software-driven system functions become, the more obvious it becomes how fragile it can be.
In the UK, independent research commissioned by the Department for Science, Innovation and Technology estimates the average cost of a significant cyber attack on a business is almost £195,000, and that when you scale this across the economy, the annual bill comes to around £14.7 billion (roughly 0.5% of UK GDP). Combined with the fact that the UK is now the most targeted country in Europe for cyber attacks, and a series of high-profile incidents across manufacturing and the automotive sector, it’s clear the economic impact is no longer abstract.
The message is clear. The industry’s digital backbone has become critical to its ability to operate, compete, and comply with regulation. That means building cybersecurity directly into engineering practice, using the same rigour that underpins the sector’s approach to safety and quality, is fast becoming essential. And that shift in focus on cybersecurity is increasingly driven by the reality that deeper integration brings both greater capability and greater exposure. And this is already beginning to reshape how many leading automotive organisations think about business resilience against the backdrop of these rising threats.
Interconnected systems, interconnected risks
If you follow a vehicle development programme from concept to production, the degree of interdependence is striking. A team developing an Advanced Driver Assistance System (ADAS) feature might be working in a shared cloud environment with colleagues several time zones away. A small supplier may be responsible for a line of code that ends up deep inside a critical control system. And the factory building the car depends on real-time analytics that sit in off-site data centres.
It all works perfectly until the day it does not. One leaked password can shut down a line. A forgotten test server can expose a design file no one realised was sitting there. In one recent incident within the automotive sector, a single, routine action, carried out without any malicious intent by a single person, was enough to trigger a chain of events that disrupted operations for an extended period. An incident such as this, or a ransomware hit on a Tier 2 supplier, can leave an OEM scrambling to keep a launch on schedule. The traditional idea of protecting a single, well-defined perimeter doesn’t stand up well to this kind of architecture. Data and control systems now live everywhere.
The real sticking point, though, is visibility. Many organisations are still discovering what their digital estate actually looks like. Which systems talk to each other? Which suppliers have access to which platforms? And, what would break if one component went offline? As vehicle functions, production systems and back-end enterprise systems become more tightly integrated, gaps in that understanding add both complexity and increased vulnerability. A clear map of that landscape, and some discipline around how it is maintained, is increasingly becoming one of the most important building blocks of resilience and protection from cyberattacks.
Industry regulations such as UNECE WP.29 R155 and R156 only reinforce this. If a manufacturer cannot demonstrate control over cybersecurity risks across suppliers, software and in-life updates, they can’t sell vehicles into key markets. Therefore, they risk a significant hit on their bottom line. That reality is forcing a mindset shift that, frankly, is overdue.
People, process and the everyday nature of cyber risk
For all the sophistication of modern automotive systems, many incidents still start with the most ordinary of moments and simple human error. For example, someone rushing to get a task finished. A patch put off until later. A device plugged in without a second thought. None of these actions are unusual. But, in a highly connected automotive engineering and manufacturing environment, their impact can be wider than anyone expects, and they can open the door to significant problems that can take hold and escalate quickly.
The organisations that deal with this best make cybersecurity feel like it’s just part of how work gets done, not something bolted on from the outside. Training tends to be short, regular and tied directly to day-to-day tasks too. Factory teams begin to see why skipping one small step can cause issues elsewhere. Engineers understand that security isn’t the final hurdle before release either. It’s part of the design process. And leadership treats security in the same tone as quality or delivery because it genuinely affects everything downstream.
A new kind of operational resilience
One of the more unsettling developments in recent years is how often cyber incidents now spill out of the IT domain and into physical operations. IBM’s recent threat intelligence report highlights that manufacturing remains one of the most targeted sectors globally. Nowadays, ransomware doesn’t just lock up spreadsheets. It can freeze robots, shut down paint shops and leave whole manufacturing facilities in limbo. In many factories, IT and Operational Technology (OT) systems have grown together over decades. A security gap in one area can create consequences no one anticipated.
Trying to ‘seal every gap’ is not possible though. What matters is understanding which systems absolutely must stay online, which can be taken down safely, and how to recover in a controlled way. Some manufacturers now run scenario workshops for this reason, following the sort of best practice put forward by the UK’s National Cyber Security Centre (NCSC). They rehearse a cyber incident as they would any other business-critical disruption. Who calls whom? What information is needed? What trade-offs must be made in the first half hour? These exercises often reveal dependencies that were entirely invisible beforehand.
Securing innovation at scale
The industry’s direction is evident. Electrification, advanced driver assistance, digital diagnostics and connected services are becoming central to vehicle programmes. All of these rely on software behaving predictably. Not just in the plant but out in the world too.
Over-the-air (OTA) updates are a good example. They let manufacturers improve vehicles long after they’ve left the factory, which is a powerful tool to have. But they also create a permanent route into the car’s software. As UNECE R156 notes, if update servers, signing processes or key-management systems are not watertight, vulnerabilities can end up being delivered straight into an in-life vehicle. As system integration deepens, the potential impact of any weakness grows in parallel, and that’s a risk no OEM wants to carry.
The encouraging thing is that when cybersecurity is baked into development pipelines and data flows from the start, work tends to move faster rather than slower. ISO/SAE 21434 points in the same direction too. Early integration reduces rework, supports compliance and gives teams the confidence to make decisions quickly. It also makes collaboration smoother, because suppliers know they are working inside a secure and well-managed environment.
Conclusion
Automotive has long been associated with trust: trust in engineering, trust in safety, trust in the people making decisions every day. Cyber resilience is simply that same mindset expressed in a digital world. The organisations that weave it into their culture, not just their compliance schedule, will be better placed to adapt to whatever the next few years bring.
Technology will keep changing. New vulnerabilities will appear. Some, including those driven by leaps forward in computing power and quantum technology, will challenge today’s assumptions about security. But the industry’s long-standing principles of discipline, precision, and collective responsibility still hold. Cybersecurity gives those principles a new arena, and increasingly, it will define how confidently companies can transform in the face of rising threats.
Bodo Philipp is CEO, MHP Consulting UK, a Porsche-owned global management and IT consulting firm specialising in digital transformation and process optimisation for the automotive and manufacturing industries.
Engineer News Network The ultimate online news and information resource for today’s engineer
