Autonomous and connected vehicles are reshaping transportation, but increased software complexity and connectivity introduce serious security and safety challenges that can’t be solved with traditional perimeter defenses.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Hemanth Tadepalli, Senior Cybersecurity & Compliance SME at May Mobility, for a practical discussion on what cyber resilience looks like inside real-world autonomous vehicle programs.

Hemanth draws on his experience securing mobility systems at May Mobility, as well as prior work with Mandiant, Google, and AlixPartners, to explain how automotive organizations are adapting to software-defined vehicle architectures, regulatory pressure, and expanding attack surfaces. Joe shares his perspective on why mobility companies increasingly resemble software companies and what that means for engineering, governance, and operational security.

Together, they explore:

• How connected and autonomous vehicle architectures expand the attack surface
• What cyber resilience means in day-to-day engineering and fleet operations
• How governance, threat intelligence, and software validation reduce risk
• Regulatory pressures shaping automotive security decisions
• How teams balance detection, response, and safety in autonomous systems

Whether you’re building autonomous platforms, managing connected fleets, or securing safety-critical software, this episode offers a grounded look at what it takes to keep modern mobility systems trustworthy and safe.