Connected Business Technology How can AI in compliance improve cybersecure connected vehicle services? November 26th, 2025 Artificial Intelligence is changing connected vehicles as we know them. While still in its nascent stage, AI is already having a profound impact on most aspects of connected vehicle service development, including cybersecurity and compliance. Let’s look at what this means for automakers, and how AI in compliance can improve the cybersecure connected vehicle services of today and tomorrow. What does AI in compliance mean? AI in compliance is the process through which AI helps make your systems and business operations compliant with regulations and ethical standards. The AI automates and augments tasks related to, primarily, data monitoring and analysis, risk and fraud assessment, and regulatory oversight. AI is able to parse through large, complex data sets, read new documentation and standards (including legislation), and compile this information in a digestible, useful way. This is a good example of how it can facilitate and enhance an otherwise repetitive, time-consuming task. This capacity helps make AI a key part of the development loop of connected vehicle services. Concepts, ideas, and topics are presented and recontextualized, allowing for better legislative compliance; for automakers as well as their business partners. Why AI in compliance requires human oversight AI helps get us to the level of operationalization much quicker than we would without it. However, that does not make humans obsolete in the effort to comply with standards and regulations. Quite the contrary, as AI still needs human expertise and creativity to make it a truly robust asset. We still do not fully understand how AI operates. It is an unbeatable collector and organizer of data, yet also an unpredictable advisor and creator. As such, AI output must be verified and validated by human developers, analysts, and other experts. While AI is already a uniquely beneficial tool, it should supplement – not supplant – the humans in the service development loop. How AI contributes to better control mapping and auditing Control mapping is a key aspect of WirelessCar’s work with cybersecure connected vehicle services. Technical or organizational controls need to be implemented, and aligned with external requirements, such as standards and regulations. These controls are statements that provide direction; on what an automaker wants to build or implement, and what is required for compliant operation. They set a baseline for a foundational level of security, and help define how we work in a secure, repeatable fashion. When you are working with two different regulatory standards – say, ISO 27001 and NIST 80053 – you need to find out where and how they overlap. By doing so, you can eliminate redundancy in the compliance context. Regulations and standards often overlap; they state the same needs or requirements, but with different verbiage. The risk here is double work, and in the worst case, we could define two different (potentially opposing) ways to do the exact same thing. By mapping the controls between each other, we can identify that overlap and ‘unify’ these controls. By then mapping that to our internal way of working, we can identify and know exactly how and where to implement these requirements. AI can shorten the control mapping process by very quickly scanning for both overlaps and existing mappings. It will also contextualize the information, draw comparisons among its findings, and suggest improvements. AI can also be used outside of language models, such as in audit preparation and evidence collection. One of the things that an auditor or compliance team will do ahead of an audit is to collect massive amounts of evidence that certain processes work and that people are following them. That collection of data takes time, not just for the compliance team, but across the organization, when different teams need to collect and provide their documentation, as well. As long as there is a proper labeling or naming schema to help it parse through the data, AI can manage the gathering, organization, and distribution of that data with great efficiency. Using AI to navigate the cybersecurity compliance landscape of connected vehicles Using AI in compliance can reduce time-consuming work in unprecedented ways. However, the benefits of using AI in compliance go far beyond time-saving and cost-cutting. The increasingly complex cybersecurity compliance landscape of the automotive industry calls for just the kind of oversight that AI is so adept at providing. New laws and regulations regarding AI and cybersecurity are being enacted and amended with remarkable speed, all over the world. There is the EU Artificial Intelligence Act, which speculates how AI is going to be used in business. But then, just in the automotive sector, we also have the Cyber Resiliency Act, NIST Special Publication 800-53, and UN R155. In China, the Guabiao series of security regulations are coming out, including GB 44495-2024, addressing cybersecure connected vehicles in particular. While the four latter regulations are not directly AI-related, they are good examples of the complex and evolving nature of connected vehicle legislation, which AI will continue to influence. With India, the Middle East, and Latin America all on the rise in the automotive domain, even more regulatory systems are about to emerge. Automakers who want to capitalize on these emerging markets must be able to legally operate within them, and offer excellent, compliant, cybersecure connected vehicle services. AI will help them get there faster than they previously would have. Moreover, it will make it easier for automakers and service providers to stay updated, as the cybersecurity compliance landscape continues to evolve. How can automakers make best use of AI within their organizations? A question that sometimes gets lost when discussing AI is: How can we use AI to supplement what we're already doing, to make us even better? The idea that AI will almost magically replace the roles and talents of developers, project leads, and other professionals, demonstrates a wide gap between reality and expectation. The future of AI is very promising, but the technology is still in a nascent stage. There is not yet enough research or sufficient, applicative data to know what the outcome will be. Automakers should make sure that their human experts stay in the development loop. The greatest value of AI comes from its ability to augment the work of these experts. AI should enhance the contribution and output of your workforce, not replace it. So: hire new talent, keep your current talent, and let AI strengthen their skills and business acumen further. Observe the impact that this will have on your workforce, and find new ways to safely implement AI practices. Those who succeed in doing so will also be the ones spearheading the development of the cybersecure connected vehicle services of the future. Keep an eye out for more articles on WirelessCar’s work with Artificial Intelligence and cybersecurity. If you have any questions about our work in this field, you are welcome to contact me via the link below. If you found this topic interesting, I recommend that you read my article about UNR 155 & ISO 21434, as well as my colleagues’ articles on VSOC technology and Cybersecurity Threat Intelligence. Zachary Garner Cybersecurity Compliance Lead Contact
