IDEAS home Printed from https://ideas.repec.org/a/spr/envsyd/v44y2024i4d10.1007_s10669-024-09971-0.html
   My bibliography  Save this article

Exploring effective strategies against cyberattacks: the case of the automotive industry

Author

Listed:
  • Abraham Onipe Okomanyi

    (Enterprise Risk & Security, Cox Automotive, Inc.)

  • Audra R. Sherwood

    (Grand Canyon University)

  • Ekundayo Shittu

    (The George Washington University)

Abstract

Despite stringent regulatory scrutiny and increased cybersecurity spending, data breaches and cyberattacks have persisted, resulting in dire socioeconomic consequences. Particularly affected is the automotive industry, where original equipment manufacturers (OEMs) have implemented effective strategies against cyberattacks. Limiting the vulnerability of connected and autonomous vehicles to cyberattacks requires an expanded suite of strategies over and above technological safeguards. This study, guided by the National Institute of Standards and Technology cybersecurity framework, aimed to answer two questions: First, how do leaders of automotive OEMs describe and interpret the use of cybersecurity frameworks to prevent cyberattacks? Second, how does the perceived impact of potential cyberattacks influence the cybersecurity framework used by automotive OEM leaders? Using purposeful sampling, 20 automotive OEM leaders in the cybersecurity field responded to questionnaires and interviews to reveal three insights: (a) The automotive OEMs must reinforce bundled risk management frameworks because attackers will continue to exploit human vulnerabilities to gain access to secured systems, and this calls for reducing human vulnerabilities by understanding employee behaviors; (b) The leaders have to embrace open-threat intelligence through information sharing. Instructive for policy-making is the continued advocacy for threat intelligence-sharing platforms that are transparent and timely; (c) Uniquely insightful is leveraging blockchain technology to manage and securely track CAVs and their components enhances the automotive OEMs’ ability to maintain cyber-defensible CAV assets.

Suggested Citation

  • Abraham Onipe Okomanyi & Audra R. Sherwood & Ekundayo Shittu, 2024. "Exploring effective strategies against cyberattacks: the case of the automotive industry," Environment Systems and Decisions, Springer, vol. 44(4), pages 779-809, December.
  • Handle: RePEc:spr:envsyd:v:44:y:2024:i:4:d:10.1007_s10669-024-09971-0
    DOI: 10.1007/s10669-024-09971-0
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10669-024-09971-0
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s10669-024-09971-0?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Aleksander Buczacki & Piotr Piątek, 2021. "Proposal for an Integrated Framework for Electronic Control Unit Design in the Automotive Industry," Energies, MDPI, vol. 14(13), pages 1-26, June.
    2. Arunabha Mukhopadhyay & Samir Chatterjee & Kallol K. Bagchi & Peteer J. Kirs & Girja K. Shukla, 2019. "Cyber Risk Assessment and Mitigation (CRAM) Framework Using Logit and Probit Models for Cyber Insurance," Information Systems Frontiers, Springer, vol. 21(5), pages 997-1018, October.
    3. Alexander A. Ganin & Phuoc Quach & Mahesh Panwar & Zachary A. Collier & Jeffrey M. Keisler & Dayton Marchese & Igor Linkov, 2020. "Multicriteria Decision Framework for Cybersecurity Risk Assessment and Management," Risk Analysis, John Wiley & Sons, vol. 40(1), pages 183-199, January.
    4. Ekundayo Shittu & Geoffrey Parker & Nancy Mock, 2018. "Improving communication resilience for effective disaster relief operations," Environment Systems and Decisions, Springer, vol. 38(3), pages 379-397, September.
    5. Narendra Sharma & Ebere A. Oriaku & Ngozi Oriaku, 2020. "Cost and Effects of Data Breaches, Precautions, and Disclosure Laws," International Journal of Emerging Trends in Social Sciences, Scientific Publishing Institute, vol. 8(1), pages 33-41.
    6. Nisha Rawindaran & Ambikesh Jayal & Edmond Prakash & Chaminda Hewage, 2021. "Cost Benefits of Using Machine Learning Features in NIDS for Cyber Security in UK Small Medium Enterprises (SME)," Future Internet, MDPI, vol. 13(8), pages 1-36, July.
    7. Geoff Walsham, 2006. "Doing interpretive research," European Journal of Information Systems, Taylor & Francis Journals, vol. 15(3), pages 320-330, June.
    8. Boyson, Sandor & Corsi, Thomas M. & Paraskevas, John-Patrick, 2022. "Defending digital supply chains: Evidence from a decade-long research program," Technovation, Elsevier, vol. 118(C).
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Jae Kyu Lee & Younghoon Chang & Hun Yeong Kwon & Beopyeon Kim, 2020. "Reconciliation of Privacy with Preventive Cybersecurity: The Bright Internet Approach," Information Systems Frontiers, Springer, vol. 22(1), pages 45-57, February.
    2. Arvin Sahaym & Joseph Vithayathil & Suprateek Sarker & Saonee Sarker & Niels Bjørn-Andersen, 2023. "Value Destruction in Information Technology Ecosystems: A Mixed-Method Investigation with Interpretive Case Study and Analytical Modeling," Information Systems Research, INFORMS, vol. 34(2), pages 508-531, June.
    3. Schmidt, Adam & Albert, Laura A. & Zheng, Kaiyue, 2021. "Risk management for cyber-infrastructure protection: A bi-objective integer programming approach," Reliability Engineering and System Safety, Elsevier, vol. 205(C).
    4. Md Shihab Shakur & Maishat Lubaba & Binoy Debnath & A. B. M. Mainul Bari & M. Azizur Rahman, 2024. "Exploring the Challenges of Industry 4.0 Adoption in the FMCG Sector: Implications for Resilient Supply Chain in Emerging Economy," Logistics, MDPI, vol. 8(1), pages 1-28, March.
    5. Monideepa Tarafdar & Guohou Shan & Jason Bennett Thatcher & Alok Gupta, 2022. "Intellectual Diversity in IS Research: Discipline-Based Conceptualization and an Illustration from Information Systems Research," Information Systems Research, INFORMS, vol. 33(4), pages 1490-1510, December.
    6. Emily Heaney & Laura Hunter & Angus Clulow & Devin Bowles & Sotiris Vardoulakis, 2021. "Efficacy of Communication Techniques and Health Outcomes of Bushfire Smoke Exposure: A Scoping Review," IJERPH, MDPI, vol. 18(20), pages 1-14, October.
    7. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    8. Michael Weber & Martin Engert & Norman Schaffer & Jörg Weking & Helmut Krcmar, 2023. "Organizational Capabilities for AI Implementation—Coping with Inscrutability and Data Dependency in AI," Information Systems Frontiers, Springer, vol. 25(4), pages 1549-1569, August.
    9. Katarzyna Grzybowska & Patrycja Hoffa-Dabrowskas, 2022. "Digital Technology for Digital Supply Chain – Οverview," European Research Studies Journal, European Research Studies Journal, vol. 0(3), pages 582-594.
    10. Tobias Wulfert, 2023. "Boundary resource management in innovation ecosystems: The case of e-commerce," Electronic Markets, Springer;IIM University of St. Gallen, vol. 33(1), pages 1-27, December.
    11. Minghong Shi & Chao Zhang & Chun-Liang Chen, 2023. "The Evolution of Corporate Innovation in the O2O Model—Case Studies in the Chinese Jewelry Retail Sector," Sustainability, MDPI, vol. 15(17), pages 1-39, August.
    12. Alessandro Mazzoccoli, 2023. "Optimal Cyber Security Investment in a Mixed Risk Management Framework: Examining the Role of Cyber Insurance and Expenditure Analysis," Risks, MDPI, vol. 11(9), pages 1-14, August.
    13. Dorothy Chibvembe & Harrison Daka & Mukuka Lydia Mulenga -Hagane, 2023. "Experiences of Women in Managerial Positions in the Education System. A Case Study of Selected Secondary Schools in Lusaka District, Zambia," International Journal of Research and Scientific Innovation, International Journal of Research and Scientific Innovation (IJRSI), vol. 10(11), pages 177-187, November.
    14. Alessandro Mazzoccoli & Maurizio Naldi, 2022. "An Overview of Security Breach Probability Models," Risks, MDPI, vol. 10(11), pages 1-29, November.
    15. Ben Krishna & Satish Krishnan & M. P. Sebastian, 2023. "Examining the Relationship between National Cybersecurity Commitment, Culture, and Digital Payment Usage: An Institutional Trust Theory Perspective," Information Systems Frontiers, Springer, vol. 25(5), pages 1713-1741, October.
    16. Yunjia Ma & Sijia Chen & Kaiwen Zhang & Yumeng Yang, 2022. "Temporal and Spatial Pattern Evolution and Influencing Factors of the National Comprehensive Disaster-Reduction Demonstration Community in China," Sustainability, MDPI, vol. 14(22), pages 1-16, November.
    17. Kumar, Jitender & Katiyar, Gagan & Mehrotra, Ankit & Attri, Rekha & Vishnoi, Sushant Kumar, 2024. "Connecting BOP consumers and retailers: What drives small-time retailing through social media?," Journal of Retailing and Consumer Services, Elsevier, vol. 77(C).
    18. Kalpit Sharma & Arunabha Mukhopadhyay, 2023. "Cyber-risk Management Framework for Online Gaming Firms: an Artificial Neural Network Approach," Information Systems Frontiers, Springer, vol. 25(5), pages 1757-1778, October.
    19. Letiche, Hugo & De Loo, Ivo & Lowe, Alan & Yates, David, 2023. "Meeting the research(er) and the researched halfway," CRITICAL PERSPECTIVES ON ACCOUNTING, Elsevier, vol. 94(C).
    20. Alessandro Annarelli & Giulia Palombi, 2021. "Digitalization Capabilities for Sustainable Cyber Resilience: A Conceptual Framework," Sustainability, MDPI, vol. 13(23), pages 1-9, November.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:envsyd:v:44:y:2024:i:4:d:10.1007_s10669-024-09971-0. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.