Our solutions are tailored to each client’s strategic business drivers, technologies, corporate structure, and culture.
07/15/2024
Auto dealerships: How to defend against growing cybersecurity threats
Auto dealerships are increasingly appealing targets for cyber criminals. Learn how to protect your business.
Auto dealerships represent ideal “soft targets” for cybercriminals: as valuable and data-rich as banks or financial firms, but potentially less cyber-secure. The customer financial information they handle from credit and purchase financing makes them highly attractive, and recent trends in interconnection and reliance on external service providers significantly increase their attack surface.
To defend against increasingly sophisticated threats, auto dealerships must take a strong, proactive cybersecurity stance. Here are five ways to get started.
- Conduct a cybersecurity risk assessment to increase awareness of risks. This assessment should identify cybersecurity risks (i.e., potential threats, vulnerabilities, and impacts, and their likelihood) and review the controls implemented to reduce those risks for any gaps.
- Implement training programs, such as security awareness training for all employees and incident response training for executives and IT. All employees need to know how to identify and defend against phishing or social engineering attacks, and executives and IT staff need to know how to respond should a successful attack occur.
- Separate IT operations from IT security. Organizations should make sure they understand exactly which needs are being addressed by their IT department or outsourced IT provider. As most IT teams are focused on operations – making sure that systems stay up and services remain available – additional resources may be needed to proactively stay on top of cyber threats and needs, even if portions of the environment are in the cloud.
- Pay attention to third-party risks. Given their increased interconnection and reliance on external service providers, auto dealers need to establish a thorough third-party risk management program, conduct vendor due diligence, and address any potential threats introduced by their providers and collaborators.
- Maintain a cybersecurity insurance policy. Sooner or later, a cyber attack will be successful. Proactive measures help reduce the cost and impact of such an attack, and a cyber insurance policy can further reduce financial uncertainty and make accidental loss manageable.
Close
Contact
Let’s start a conversation about your company’s strategic goals and vision for the future.
Please fill all required fields*
Please verify your information and check to see if all require fields have been filled in.
On-demand
New administration policy & priorities: Helping businesses prepare
Insight
Liquidity events and sunsetting TCJA provisions
Insight
Cybersecurity for the family office: 3 ways to protect against threats
Insight
New goals, industry changes make life insurance review imperative
Press Release
Henn joins CohnReznick as Tax Partner
Related services
Receive CohnReznick insights and event invitations on topics relevant to your business and role.
This has been prepared for information purposes and general guidance only and does not constitute legal or professional advice. Neither CohnReznick LLP or its personnel provide legal advice to third parties. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is made as to the accuracy or completeness of the information contained in this publication, and CohnReznick LLP, its members, employees, and agents accept no liability, and disclaim all responsibility, for the consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.