Cyber Attacks on Auto Dealers on the Rise

Cyber Attacks on Auto Dealers on the Rise

By Greg Tavarez

Cyber criminals always have some new trick up their sleeves and find themselves new targets, just when things seem to become stagnant – and companies are lulled into a sense of false confidence.  It doesn’t help that their customers are more mobile-centric than ever, causing dealers to have to streamline sales and service to accommodate them.

It’s created some security gaps and, as a result, 15% of dealers experienced a cybersecurity incident in the past year, according to CDK Global’s State of Cybersecurity in the Dealership. Of those impacted, 85% of the occurrences were due to sophisticated phishing attempts concealed as legitimate emails that resulted in data breaches, IT-related business interruptions and loss of revenue.

The consistent cyberthreats have auto retailers concerned about securing their networks. On top of that worry, they have to prepare for the upcoming Federal Trade Commission Safeguards Rule implementation set for Dec. 9. The amended FTC Safeguards Rule outlines compliance measures that include securing customer data and implementing a comprehensive information security program.

A good cybersecurity plan is needed to meet the Safeguards Rule. However, the study found that only 37% of auto retailers are confident in their current protection. Even worse, this represents a 21% decrease in preparedness compared to CDK Global’s 2021 study.

“Updating a dealership’s IT infrastructure, establishing an incident readiness plan and identifying qualified individuals to oversee the requirements are important steps for auto retailers in meeting the upcoming FTC compliance deadline,” said Joe Bell, vice president and general manager of IT solutions product and technology, CDK Global.

Many dealers understand they need to take steps and  60% plan to prioritize upgraded investments in IT infrastructure. Investments need to include increasing anti-virus and malware protection and updating cybersecurity measures to counter email phishing and ransomware. Dealers should also plan to secure endpoint devices, invest in cybersecurity insurance and continue staff training to raise employee awareness.

With the Dec. 9 deadline looming, dealers are not fully up to speed on some terms and requirements, such as threat detection and response, for example. Maybe dealers should look into managed service providers to ensure their networks are secure while meeting the Safeguards Rule.

“Partnering with a managed service provider can assist dealerships in eliminating the guesswork for FTC compliance, ensuring a safer, more secure and up-to-date IT infrastructure,” said Bell.

Dealerships started to take cybersecurity more seriously, although it did take an FTC deadline and cybersecurity incidents to get there. They will soon learn that investment into cybersecurity will pay dividends in threat reductions – at the 60% who say they are prioritizing security.  The other 40%, though – and their customers – could be in for tough times.




Edited by Erik Linask
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

TD SYNNEX Invests in Brazilian Cloud Future with IPsense Acquisition

By: Greg Tavarez    9/18/2024

TD SYNNEX, a global technology distributor, recently announced the acquisition of IPsense Cloud Migration, a cloud solutions provider based in Brazil.

Read More

Embedded AI Security Comes to Lenovo PCs, Powered by SentinelOne

By: Greg Tavarez    9/18/2024

Lenovo, along with SentinelOne, announced a multi-year collaboration to bring AI-powered endpoint security to millions of Lenovo devices across the gl…

Read More

CrowdStrike and 1Password: A Powerful Duo for SMB Cybersecurity

By: Greg Tavarez    9/18/2024

CrowdStrike expanded its partnership with 1Password to simplify security for 150,000 customers, with a focus on SMBs in particular.

Read More

MSP Expo Silver Sponsor Granite to Cut Ribbon on New HQ as it Looks Forward to 'Granite 2.0'

By: Greg Tavarez    9/17/2024

Granite announced that it will officially open its new headquarters on September 20 at 1 Heritage Drive, Quincy, Massachusetts.

Read More

EasyDMARC Secures $20M, Vows to Strengthen Email Security Solutions and Global Channel Partner Ecosystem

By: Alex Passett    9/16/2024

Earlier this morning, email security company EasyDMARC announced that it successfully closed its $20 million Series A funding round, led by Radian Cap…

Read More