Cyber Attacks on Auto Dealers on the Rise

Cyber Attacks on Auto Dealers on the Rise

By Greg Tavarez

Cyber criminals always have some new trick up their sleeves and find themselves new targets, just when things seem to become stagnant – and companies are lulled into a sense of false confidence.  It doesn’t help that their customers are more mobile-centric than ever, causing dealers to have to streamline sales and service to accommodate them.

It’s created some security gaps and, as a result, 15% of dealers experienced a cybersecurity incident in the past year, according to CDK Global’s State of Cybersecurity in the Dealership. Of those impacted, 85% of the occurrences were due to sophisticated phishing attempts concealed as legitimate emails that resulted in data breaches, IT-related business interruptions and loss of revenue.

The consistent cyberthreats have auto retailers concerned about securing their networks. On top of that worry, they have to prepare for the upcoming Federal Trade Commission Safeguards Rule implementation set for Dec. 9. The amended FTC Safeguards Rule outlines compliance measures that include securing customer data and implementing a comprehensive information security program.

A good cybersecurity plan is needed to meet the Safeguards Rule. However, the study found that only 37% of auto retailers are confident in their current protection. Even worse, this represents a 21% decrease in preparedness compared to CDK Global’s 2021 study.

“Updating a dealership’s IT infrastructure, establishing an incident readiness plan and identifying qualified individuals to oversee the requirements are important steps for auto retailers in meeting the upcoming FTC compliance deadline,” said Joe Bell, vice president and general manager of IT solutions product and technology, CDK Global.

Many dealers understand they need to take steps and  60% plan to prioritize upgraded investments in IT infrastructure. Investments need to include increasing anti-virus and malware protection and updating cybersecurity measures to counter email phishing and ransomware. Dealers should also plan to secure endpoint devices, invest in cybersecurity insurance and continue staff training to raise employee awareness.

With the Dec. 9 deadline looming, dealers are not fully up to speed on some terms and requirements, such as threat detection and response, for example. Maybe dealers should look into managed service providers to ensure their networks are secure while meeting the Safeguards Rule.

“Partnering with a managed service provider can assist dealerships in eliminating the guesswork for FTC compliance, ensuring a safer, more secure and up-to-date IT infrastructure,” said Bell.

Dealerships started to take cybersecurity more seriously, although it did take an FTC deadline and cybersecurity incidents to get there. They will soon learn that investment into cybersecurity will pay dividends in threat reductions – at the 60% who say they are prioritizing security.  The other 40%, though – and their customers – could be in for tough times.

Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Mutare Brings Together Cybersecurity Community to Raise Vishing Awareness

By: Greg Tavarez    3/28/2023

Mutare is collaborating with government agencies, business coalitions and private industry in an educational campaign to raise awareness of the risks …

Read More

Only 15% of Organizations Deemed Mature Enough to Defend Against Cybersecurity Risks

By: Greg Tavarez    3/28/2023

Fifteen percent of organizations globally have the maturity level of readiness needed to be resilient against today's modern cybersecurity risks, acco…

Read More

Opti9 Offerings Strengthen Veeam Customers' Security Stacks

By: Greg Tavarez    3/28/2023

Opti9 introduced its standalone offerings for Veeam, which are managed services for Veeam Software and its AI-based ransomware detection and remediati…

Read More

How Businesses are Navigating Migrations and Marketplace Shifts

By: Alex Passett    3/28/2023

Westcon-Comstor recently published a report that explored challenges found amongst shifting subscription and recurring revenue models for businesses.

Read More

Cybersecurity Essentials: BSA Expands Managed Security Solutions

By: Alex Passett    3/24/2023

Bridge Security Advisors (BSA) has announced an addition to its Essential Security Solution (ESS): the Managed Security Solution (MSS) offering.

Read More