1. Collaborate on standards: Work with regulators to help shape policies that balance innovation with privacy.

2. Monitor emerging threats: AI-driven cyberattacks and supply chain vulnerabilities are growing concerns, with new developments arising.

3. Build consumer trust: Maintain confidence among your customers by ensuring their data is protected and their connected vehicles are secure from threats.

As vehicles get smarter, so do the threats, turning every connection point into a potential vulnerability.

This year, we learned that although ransomware and extortion remain high on the list of concerns, the number of respondents identifying these as a significant concern has declined from 65% to 45%. Meanwhile, AI-driven cyberattacks (37%) and supply chain vulnerabilities (29%) raise novel questions about what the automotive industry must do to stay one step ahead of bad actors.

Cyberattacks targeting vehicles or IoT systems (25%) and threats to critical infrastructure like chargers and wireless networks (28%) further emphasize the growing complexity of this landscape. Security gaps in legacy components (8%) are also a growing concern, particularly as older systems struggle to meet the security demands of increasingly connected environments. The more connected systems become, the wider the attack surface grows for IoT-enabled vehicles, V2X communication systems, and global supply chains.

Companies across the automotive industry are exploring creative strategies—zero-trust frameworks, AI-powered defenses, and robust data privacy measures—to protect products, components, and reputations. 

Cybersecurity regulations are inherently complex, but highly variable rules across state lines and international borders make compliance even more complicated. The U.S. lacks a unified framework, leaving states to set their own standards for general and vehicle-specific data protection. Further, many technologies introduced into vehicles present new questions under old laws governing audio/video capture, event data recording, and GPS use. Finally, global mandates like the EU’s GDPR and UN Regulation No. 155 add another layer of complexity internationally. Notably, 58% of survey respondents cited “adapting to new cybersecurity regulations and standards” as a headline concern for 2025.

Fortifying defenses may require a collaborative approach with supply chain partners, where aligning cybersecurity protocols and conducting joint risk assessments can help identify and address vulnerabilities, both within vehicles and their systems and across entire networks.

As the industry moves forward, the real challenge will be navigating a regulatory landscape that often feels more fragmented than the risks themselves. However, embracing these changes offers an opportunity to lead on trust and transparency in an era where consumer confidence can make or break a brand.