Fighting an Invisible Army

A Teaching Moment -- Josh Davis assumes the role of a college professor to explain a technical complexity in TMNA's defenses against the relentless efforts of computer hackers.

Spend some time talking with Josh Davis and you may soon find yourself looking over your shoulder.
After all, TMNA’s chief cyber security officer says things like:
“There’s an invisible army working against us.”
“It’s a cat-and-mouse game.”
“It only takes one weak link in the chain.”
Is Davis a bit paranoid? Maybe. But that’s kind of his job. After all, he’s been entrusted with ensuring the data generated and shared by the company’s systems, operations and products remain secure.
“There’s never a boring day,” he says.
Davis came to Toyota after spending 20 years at Qualcomm. The San Diego, California-based tech pioneer led the R&D charge in the transition from the 2G mobile network to 3G and 4G and established the early parameters for 5G. So, they know a thing or two about cyber security.
Davis started there as a systems programmer, then worked his way up the management ladder. Over that time, he saw Qualcomm’s cyber security workforce grow from seven people to more than 200. A similar dynamic has been playing itself out at TMNA, at hyper speed. Davis now oversees more than 200 team members. When Chief Digital Officer Zack Hicks convinced Davis to make the leap to Toyota just under three years ago, there were only 55.

The Rise of Connected Vehicles

Some of that growth is in response to the proliferation of hackers, from the “guy or gal tinkering in a garage to a really bad nemesis like a foreign nation state,” says Davis. But just as significant has been the rise of connected vehicles that can talk with one another and Toyota.

That data flow is becoming increasingly important to the company’s long-term viability. But, simultaneously, it’s becoming increasingly attractive to hackers and increasingly difficult to protect.

“We need to make a vehicle that’s seen as a trusted platform, just like you would the phone in your pocket,” says Davis. “The old mindset was, ‘build it, ship it and we’re done.’ Now, there needs to be an ongoing interaction with the vehicle to keep it up to date and protected. Customers need to know the data that’s created as they interact with their vehicles is secure.”

All Hands On Deck-- Davis might be TMNA's chief cyber security officer and a vice president. But, clearly, he doesn't manage from afar.
‘Like Being on a Treadmill’
It’s an incredibly complex challenge, akin to 3D chess. Toyota can create a robust system. But from the moment it’s put into play, Davis says hackers are banding together to figure out how to break it. And when they do, Toyota must respond with a new solution — which inevitably will try to be hacked as well.
“Some people say it’s like being on a treadmill,” says Davis. “There’s a constant back and forth. It definitely keeps the team energized.”
The scope of the task is also staggering. In addition to vehicles, Davis and his team are responsible for maintaining the cyber security of Toyota’s North American manufacturing facilities, the constellation of business partners in the supply chain and TMNA’s enterprise-wide information systems.
Amid the uncertainty, their efforts go directly to promoting a core Toyota value that will never change: quality.
“Customers are starting to realize that security and privacy are part of the quality of the product,” says Davis. “Expectations have risen dramatically in the wake of security breaches at companies like Facebook, Experian and Target. How we handle this will have a direct impact on our brand reputation. We want to be the market leader on this front, not a follower. So, we are hiring the best and the brightest and pushing our agenda forward.”

Want to do your part to help this cause? Check out these practical cyber security tips.
By Dan Miller