IMPROVING CYBERSECURITY RESILIENCY IN CONNECTED VEHICLES BY USING COBIT IN CAR RENTAL COMPANY

Abstract

Connected vehicles have come with both convenience and risks. Despite positive attributes of connected vehicles that improve safety and driving experience, connected vehicles also come with its own risks toward safety and security. Various safety standards to regulate car manufacturers and their OEM in producing modern vehicles have been issued. Unfortunately, the same can not be said about security of modern vehicles. These companies tend to operate in archaic cybersecurity protocols – thus exposing customers and owners of fleet of vehicles to cybersecurity risks that are not only causing financial damage, but also could harm anyone in that vehicle. This condition is also exacerbated by different interests between car manufacturers, OEMs, fleet owners, customers, and other stakeholders, especially when related to data and privacy management. In response, regulators have issued many standards to address this but still ended in various regulations and standards that were not to address specifically to automotive cybersecurity. This in turn, would cause customers and fleet owners at complicated automotive cybersecurity regulations that are not in favor to their interests. COBIT helps to not only making sure that Enterprise Goals are aligned with IT goals, but also transforming cybersecurity mindset at every level of the company. This would require robust IT governance model and strong tone from the top to ensure risk optimization are implemented within structured and accountable process.