Software-Defined Cars Face a Rising Cyber Tide

Auto cyber incidents crossing organizations surged in 2025, revealing gaps in security governance for software-defined vehicles

13 Mar 2026

In 2025 a cyber weakness at one company could quickly become a problem for many. According to the VicOne 2026 Automotive Cybersecurity Report, cross-organisational cyber incidents in the automotive sector more than tripled last year. Of 610 recorded incidents, 161 spread across company or regional boundaries, far more than in 2024.

The rise reflects a shift in how cars are built. Modern vehicles increasingly rely on centralised software platforms and over-the-air updates. These allow manufacturers to fix bugs or add features remotely. But they also mean that a single vulnerability can ripple through subsidiaries, suppliers and entire fleets at once.

VicOne describes the present moment as the industry’s “Overlap Era”. Legacy vehicle platforms now operate alongside software-defined systems and AI-driven features. The mixture creates layers of risk that traditional security frameworks were not designed to manage.

The targets are changing, too. In-vehicle systems now account for roughly 40% of incidents, overtaking corporate IT networks as the main focus of attackers. Around one-third of all risks directly affect driver-facing functions. Cybersecurity failures are therefore no longer confined to back-office servers; they increasingly shape the experience of drivers themselves, and with it public trust in car brands.

Electric-vehicle charging infrastructure adds another vulnerability. Charging stations connect vehicles, smartphone apps, cloud platforms and the power grid. Each link creates a new entry point for attackers, yet governance of this ecosystem remains fragmented.

Regulation has begun to catch up. Frameworks such as UN R155 and ISO/SAE 21434 have pushed manufacturers and suppliers to raise their baseline security standards. Yet these rules largely assume that systems operate in discrete domains. Software-defined vehicles blur those boundaries, linking cloud services, dealer networks and in-car software into a single environment.

Artificial intelligence complicates matters further. Systems that learn continuously challenge traditional testing methods. If training data were compromised, faulty behaviour could spread across entire generations of vehicles.

For carmakers, especially in America’s large automotive supply chains, the implication is clear. Cybersecurity can no longer sit quietly within the IT department. In a world of connected vehicles and shared software platforms, it has become a matter for the boardroom.