Impact Report 2016

Safety in the Driver’s Seat

From cars to medical devices, the connected product revolution is here

Automotive engineers and innovators want to be the first to bring exciting new connected features onto the latest car models, and consumers continue to demand more. The downside: That connectedness to the Internet now means the industry faces more cyber exposure and cyber threats than ever before.

One leading global auto manufacturer was among the first to recognize this emerging risk, and unlike many of Booz Allen’s clients―for whom cybersecurity means protecting intellectual property and employee information—the landmark realization that cybersecurity also means protecting people’s lives suddenly became one of the automotive industry’s highest priorities.

Consumers also started demanding security when in July 2015, news broke that a vehicle was hacked at highway speeds. By that time—thanks to Booz Allen’s consultative approach and cybersecurity expertise—this global automaker (who was not the subject of the 2015 hack) already had a strategy in place to respond to such incidents and secure its vehicles. Booz Allen’s team had successfully guided this client through a cultural and data-driven transformation designed to support and facilitate its comprehensive vehicle cybersecurity program, going from having no response capability to setting the market standard for response planning in 6 months.

Overcoming “a challenge that no one had ever addressed that would require cyber expertise and the ability to bridge internal cultural and data divides—this is where Booz Allen excels,” says Vice President Sedar LaBarre. “For us, success meant securing the vehicles we all rely on to transport our families and bringing our client to the industry forefront.”

Watch: Booz Allen delivers transformation to automotive industry.

Our ability to quickly build a team with government security and intelligence experience, analytics and telematics capabilities, and commercial manufacturing expertise allowed us to define the scope of vehicle cybersecurity and address the connected vehicle ecosystem as a whole.

Booz Allen also realized success was as much about culture as it was about engineering. We worked shoulder to shoulder with staff across this automaker's organization to transform their environment from an engineering to a security mindset. After Booz Allen’s recommendation to leadership that the company stand up an internal Product Cybersecurity team led by a new chief product cybersecurity officer, it took only 6 weeks to become a reality and for the client to reprioritize risk mitigation investments.

“We were trusted to fearlessly challenge and disrupt the status quo across the client organization,” says Sedar. “In the face of something that seemed impossible, Booz Allen’s team delivered the best of what our firm has to offer, enabling the protection of millions of drivers and transforming the way this client―and now the industry—identifies, assesses, and responds to vehicle cybersecurity.”

Booz Allen's transformation team of men and women.

The team that helped deliver the transformation detailed in this story, together at the 2016 Booz Allen Excellence Awards.

Having proven our mettle as a full-service partner equally capable of building, testing, and deploying a system that analyzes on-vehicle data as we were developing a supply chain strategic roadmap, this client’s leadership has now tasked Booz Allen with designing and operationalizing new capabilities where we’ll continue to bring the breadth of our expertise to bear.

“We're armed with the acumen to help clients recognize opportunities in the new connected product environment while keeping safety and security a number one priority.”

An extension of our work with the automaker led to Booz Allen assisting the auto industry in developing and operating the first Information Sharing and Analysis Center (ISAC) sharing cyber threat and vulnerability information. As millions of us get behind the wheel in an increasingly interconnected future, the ISAC means an added layer of cyber protections. It will serve as a central hub for intelligence and analysis, enabling the timely sharing of cyber threat information and potential vulnerabilities in vehicle electronics or in-vehicle networks, ultimately safeguarding drivers every time they turn on the ignition.

Booz Allen’s experience in cyber threat intelligence, developing and implementing information-sharing programs, and building cultures of trust across industries empowered us to provide the industry with a turnkey solution to address its specific, integrated cyber threat landscape.

Principal Jon Allen and his team were instrumental in developing the prospectus for the auto industry to create the ISAC. “The industry recognized that security risks are going to rise as vehicles become more connected,” he says. “It’s about taking a proactive stance that looks across the ecosystem and includes forming the industry’s best practices for securing the vehicle.”

From cars to medical devices, the reality of a connected product revolution is upon us. And Booz Allen is ready—armed with the acumen to help clients recognize opportunities for evolution while keeping safety and security priority number one.

Download the full PDF of the 2016 Impact Report.

Download