Why Dealerships Must Prioritize Cybersecurity

1. CONTINUOUS PREPARATION IS A DEALERSHIPS BEST DEFENSE

The biggest thing that is going to affect a dealership is a hit on their brand. No dealership wants to see themselves in the media with the news they were subject to a breach. News like that could affect consumer confidence in the dealership thereby hurting business, as well as the overall brand.

The cyber landscape is constantly changing, and simple defenses are not enough. All companies, especially dealerships, need to continuously evolve to keep up. They don’t want anything suspicious touching their credit card transactions, supply chain relationships, and so on. Therefore, it’s important for dealerships to review cybersecurity measures that are in place and improve upon them as needed.

2. DRAFTING AND PRACTICING AN INCIDENT RESPONSE PLAN

Simply having an incident response plan is just the beginning. Once you develop a plan, you must put it into practice, question it, and make revisions as you see fit. If an incident occurs, ask yourself, “what lessons did we learn from this?

What can we do better next time?” By testing and practicing the plan, your dealership will learn the best and most efficient way to respond to incidents.

3. DISASTER RECOVERY COMMUNICATION PROCESS

A disaster recovery plan must also be developed, implemented, and practiced just like an incident response plan. It should clearly outline how your dealership responds and quickly resumes work following an unforeseen disaster. In the plan, document who dealership employees should communicate with and how they should communicate with each other during different phases. Additionally, make sure everyone within your dealership is educated about how the plan works.

4. OFFERING CONTINUING EDUCATION TO ALL PROFESSIONALS

In addition to having documented plans for incidents and disasters, it’s also important to offer continuing education to all employees. All it takes is one human error for disaster to ensue within a dealership. If your people aren’t educated, they can be the biggest threat to the organization.

5. CYBER INCIDENT EXERCISES FOR ALL EMPLOYEES

Beyond continuing education, employees must also be prepared for any scenario that may present itself. What is the best way to make sure they’re prepared? With realistic exercises. Practice makes perfect, and the more practice your employees have, the less vulnerable you’ll be to cyber threats.

6. CREATING A CULTURE OF AWARENESS AND REPORTING

Creating a culture within the dealership that not only makes employees aware of cybersecurity but also encourages them to report incidents will only help you. Cybersecurity shouldn’t just be a top priority among executives, make sure it’s a part of the culture within your organization.

7. ROBUST AND TIMELY THREAT DATA

Knowing how to respond to threats is important, but you must also effectively manage risk. This means having access to robust and timely threat data. Does your dealership
have access to information about significant risks that are affecting the business? Are you constantly reviewing these to improve your security posture? If not, it’s time to start doing so.

8. ADEQUATE INSURANCE COVERAGE

No matter how confident you are in your security posture, your mindset should never be, “what will we do if a cyber incident occurs?” But rather, you should ask yourself, “what will we do when a cyber incident occurs?” Any business can fall victim to cyber threats, and because of that, it’s smart to have insurance. This can offset any financial losses that may happen because of a cyber-attack.