Well-disguised cyber attacks are on the rise for auto dealerships who continue to fall victim. According to the second annual dealership cybersecurity study by CDK Global Inc.,15 per cent of dealers have experienced a cybersecurity incident in the past year.
The study reports that “Of those impacted, 85 per cent of the occurrences were due to sophisticated phishing attempts concealed as legitimate emails that resulted in data breaches, IT-related business interruptions and loss of revenue.” The cyberthreats continue as dealers prepare for the upcoming Federal Trade Commission (FTC) Safeguards Rule implementation on Dec. 9.
“Consumers are continuously shifting to a more mobile environment, requiring automotive dealerships to streamline their sales and service online. Unfortunately, it can lead to creating gaps in IT networks for securing data,” said Joe Bell, vice president and general manager of IT Solutions Product & Technology, CDK Global. “Updating a dealership’s IT infrastructure, establishing an incident readiness plan and identifying qualified individuals to oversee the requirements are important steps for auto retailers in meeting the upcoming FTC compliance deadline.”
In the U.S. the FTC Safeguards Rule outlines compliance measures that includes securing customer data and implementing a comprehensive information security program.
“With the recent surge of ransomware attacks around the world and the advancement of security protocols we have made, cybersecurity remains a huge priority,” said Preston Petersen, general manager and partner at Team Automotive Group in Baton Rouge, Louisiana. “The risk to businesses and our industry is at an all-time high, and we take that risk very seriously.”
Dealerships are preparing for the influx of possible attacks to their infrastructure, including hiring cybersecurity experts both in-house and externally and educating staff on detecting potential cyber threats.
Ensuring that dealers will be FTC compliant by Dec. 9 remains uncertain, as many auto retailers are finding the Safeguards Rule to be difficult to understand or complete. “Partnering with a managed service provider can assist dealerships in eliminating the guesswork for FTC compliance, ensuring a safer, more secure and up-to-date IT infrastructure,” said Bell.
