GM Appoints First Cybersecurity Chief

Written by

General Motors has appointed its first-ever cybersecurity chief, Jeffrey Massimilla, ahead of a push towards driverless cars.

The news comes amid a review of the company’s product-development procedures following an ignition switch recall linked to 13 deaths and 54 crashes.

The No. 1 car manufacturer told Reuters that it has established “one integrated organization, Vehicle and Vehicle Services Cyber Security, to deal with cybersecurity for vehicles and vehicle-connected services. This team will utilize our internal experts and work with outside specialists, to develop and implement protocols and strategies to reduce the risks associated with cybersecurity threats.”

Massimilla was the former engineering group manager for infotainment for GM, and as such is intimately familiar with the connected car concept. GM has embraced the idea in a big way, with many 2015 vehicles slated to include an embedded 4G LTE mobile Wi-Fi hotspot.

Within two years, GM also hopes to intro its first car that can communicate with other vehicles and surrounding infrastructure, like stoplights, to help avoid accidents and ease traffic congestion. The 2017 model Cadillac CTS sedan will be the first to come with the technology as part of the standard package. Capabilities will include automatic braking if a crash is imminent and self-regulating cruise control.

And, the automaker is working on preliminary options for hands-free driving in some cases, she said, like a “Super Cruise” feature for freeway driving, also due for 2017. Fully-automated cars are in the pipeline too, but CEO Mary Barra said in early September that it would take at least until 2020 for such a vehicle to be commercialized.

“I’m convinced customers will embrace (vehicle-to-vehicle) and automated driving technologies for one simple reason: they are the answer to everyday problems that people want solved,” she said.

All of this is exciting from an innovation standpoint of course but with connectivity comes compromises, and the idea of a hacker being able to gain control over a vehicle remotely is, in short, a terrifying prospect. But even the mobile hotspot is of concern; bad actors can discover other devices attached to it in order to load malware, carry out man-in-the-middle attacks and other nefarious tasks. And in fact, researchers have already shown connected cars to be vulnerable, with proto-hacks demonstrating everything from radio takeovers to navigation systems hijacking.

So, a lot is riding, so to speak, on GM taking cybersecurity seriously.

"As we put semi-autonomous and autonomous systems in the vehicles, we have to be able to look at this at a very, very critical systems level and do it defect-free for the customer," Mark Reuss, GM's executive vice president of global product development, purchasing and supply chain, told reporters at the MICHauto Summit in Detroit.

What’s hot on Infosecurity Magazine?