30% of companies from the automotive industry do not have their own cybersecurity program or team, nor use the services of an external organization to secure the software used in their products. 63% percent of all automotive companies test less than half of software, hardware, and other technologies they develop. 60% of respondents cited accidental coding errors, 50% pointed at the lack of quality assurance and testing procedures, while 40% quote the use of insecure/outdated open source software components as the most common factors that lead to vulnerabilities in their technologies.
Source: https://www.bleepingcomputer.com/news/security/30-percent-of-automotive-companies-lacking-a-dedicated-cybersecurity-team/