Securing automotive data: Overcoming complex challenges

Today, every automotive business is a digital business. Consider your digitalized extended supply chains, with which you share proprietary design data, as well as the vast array of automated and AI-enabled processes used in your manufacturing facilities. And what about the dozens of proprietary and third-party software products you’ve embedded into vehicles? Experts estimate that for a typical vehicle, these products generate, collect, and process 25GB of data per hour—and much of it is sensitive customer data about location, driving behavior, face and voice, and more. Your customers expect this data to stay private. 

All of this makes protecting, securing, and ensuring the availability of data critical to the success of your enterprise—and it explains why we’re seeing new laws and regulations to ensure that automotive companies modernize their data protection and security approaches. For example, in the EU, the Cyber Resilience Act will strengthen cybersecurity standards of products—including vehicles—that contain a digital component by requiring manufacturers and retailers to ensure cybersecurity throughout the product lifecycle.

These are just a few reasons why every automotive business needs a modern, intelligent data platform that can keep sensitive data secure and protected. And thanks to certifications like TISAX (Trusted Information Security Assessment Exchange), you can make informed buying decisions about data platforms.  

TISAX is a globally recognized certification standard. It assesses the degree to which a business meets stringent information security requirements defined specifically for the automotive industry.  While not mandated by law, TISAX certification is often required by major automotive manufacturers and suppliers to do business with them. In this way, TISAX certification improves data security and protection by ensuring that companies implement the necessary controls to protect sensitive information from unauthorized access, loss, or theft.

NetApp’s intelligent data infrastructure solutions are now certified by TISAX, proving just how safe and secure our data platform is for automotive OEMs and their Tier 1 suppliers. When your data runs on NetApp® systems, you have next-generation data protection and security capabilities that: 

• Keep your data safe by preventing breaches and ransomware attacks 
• Enable business continuity and data availability, even during outages 
• Allow you to confidently collaborate and share sensitive data with TISAX-certified suppliers and partners  
• Maintain confidentiality so that data is shared with and available to the right entities and people 

And because our data management solutions are easily tailored for specific needs, they can meet unique, highly customized requirements while still providing 99% data recovery. 

NetApp cyber-resilience solutions lead the industry, maximizing data protection and security and increasing data governance and compliance. To illustrate how our solutions protect and secure data, let’s look at a few automotive industry–specific use cases. 

Protecting against sensitive data breaches and ransomware attacks 

Data breaches are increasingly common. For example, in summer 2024, a large automaker confirmed that hackers gained access to a significant amount of sensitive customer and employee data, including contracts, emails, financial information, and network infrastructure details. It’s just one in a series of significant data breaches, highlighting the challenges of protecting data, even for well-resourced automotive giants. Similarly, another major European automaker is reeling from unauthorized access to a substantial amount of recorded location data from electric vehicles—personal data that can be used for nefarious purposes.   

NetApp’s intelligent data infrastructure protects against data breaches, as well as ransomware attacks, in a variety of ways. Our solutions discover and categorize your data so you can apply intelligent controls to improve security and compliance, especially for sensitive data. They provide real-time detection with 99% accuracy and near-instant response capabilities, leveraging AI-powered autonomous technology built directly into NetApp ONTAP® data management software. This vastly reduces the impact of successful attacks and prevents unauthorized access, disclosure, and modification of your stored data. Encryption, protection of data at risk, and AI-driven privacy controls help you keep sensitive data secure and private. Monitoring and reporting help you stay ahead of potential issues, and alerts help you identify and respond swiftly to suspicious activity. In addition to TISAX certification, our solutions meet key regulatory standards such as FedRAMP, StateRAMP, and Department of Defense impact levels. 

Enabling business continuity during outages 

Increasingly, cybercriminals are going after organizations with manufacturing operations because they know that vulnerable legacy software is widely used in factories, and downtime can cost millions, pushing companies to pay ransoms quickly. For instance, in 2022, a major automaker suspended operations in 28 production lines across 14 plants due to a cyberattack on its supplier. This attack disrupted communications and production monitoring systems, causing a temporary halt in manufacturing operations.  

Events like these can have devastating impacts on automotive companies and the suppliers that OEMs depend on. That’s why businesses across the extended supply chain need a data infrastructure that can be set up as quickly as possible if an attack or outage occurs. Our solutions eliminate backup windows and facilitate a quick and full recovery when disaster strikes. And NetApp’s disaster recovery services enable you to maintain availability of your data and applications across your hybrid cloud and distributed workforce. 

Want to learn more about how NetApp’s TISAX-certified solutions protect and secure data for automotive OEMs and tier 1 suppliers? Email NetApp.

Disclaimer: No ransomware detection or prevention system can completely guarantee safety from a ransomware attack. Although it’s possible that an attack might go undetected, NetApp technology acts as an important additional layer of defense, and our research indicates NetApp technology has resulted in a high degree of detection for certain file encryption-based ransomware attacks.