New Solution builds a “Human Firewall” that Reduces Risk of Phishing Attacks from 27% to 2%
Timonium, MD – January 7, 2019 – Helion Automotive Technologies is offering a new security awareness training program for auto dealership employees. The solution is designed to build a “human firewall” that reduces the risk of data breaches from phishing and other social engineering attacks. Cyber-crime is a persistent and growing threat to dealerships, and 91% of successful data breaches start with a phishing attack.
The training program also helps dealers comply with the Federal Trade Commission (FTC) Safeguards Rule to protect consumer personal information. Auto dealerships that provide financing to customers are subject to the rule and are required to provide employees with security awareness training.
“A dealership can have a secure firewall and anti-virus software, but even the best technology can’t protect them from sophisticated phishing schemes where humans are the weak link,” said Erik Nachbahr, president of Helion Technologies. “Once an employee clicks on an email link and surrenders information, it’s easy for cyber criminals to accomplish their objectives.”
The consequences of phishing attacks are devastating. Many incidences of dealership employees transferring tens of thousands of dollars to bank accounts have been documented, only to have the money disappear forever. In one case a dealership lost $251,000 in a single transaction.
An additional consequence of a data breach includes harm to a dealership’s reputation. Nearly 84% of consumers claimed they would not buy another car from a dealership if their data had been compromised, according to a study by Total Dealer Compliance. Dealers also face the threat of legal and civil lawsuits when their customers’ personal data is compromised.
“Dealers are vulnerable to attacks because they tend to have a lot of cash in their bank accounts and conduct a large number of electronic financial transactions. That’s very attractive to cyber criminals,” said Nachbahr.
Most dealers employ IT staff or use outside IT services that lack awareness when it comes to cyber-crime. Only 30% of dealers employ a network engineer with computer security certifications and training, and 70% of dealers aren’t up to date on their anti-virus software, according to Total Dealer Compliance.
“In dealerships IT staff are generally reactive; they respond to employee complaints and keep the network running,” said Nachbahr. “They don’t have the resources or expertise to proactively seek solutions to cyber-attacks that haven’t happened yet.”
Phishing attacks rely on email to bait and lure employees into downloading viruses, upload secure information or give out login credentials to dealership systems. Cyber criminals often troll a company for months to learn names, titles and emails of target employees.
To combat the growing threat and consequences of phishing attacks, Helion has partnered with KnowBe4 to bring the world’s most popular security awareness training and simulated phishing platform to auto dealers. More than 18,000 organizations worldwide currently use the system, which over time substantially reduces the risk of successful phishing attacks.
Prior to security awareness training, in an average business 27% of employees open phishing emails. After 90 days of training, the risk drops to 13% and after one year of training, the risk drops to 2%.
“Employees are your last line of defense,” said Nachbahr. “It’s a dealer’s responsibility to train them but most dealers aren’t aware of the scope of the threat, let alone how to counter it. We searched for a solution to this problem and we’re thrilled to offer this training program that will safeguard dealerships’ money, customer data and reputations.”
Helion’s security awareness training program includes:
- Baseline testing using a simulated phishing attack to assess the percentage of employees that click on a phishing link
- Employees that don’t pass the baseline test are enrolled in an online training program
- Employees are educated with a library of videos, online games and training modules; gamification makes learning fun and interactive
- Monthly phishing security tests for every employee on the system
- Phish Alert Button provides employees with a safe and easy way to report malicious emails
- Industry Benchmarking allows managers to compare their phish-prone percentage against other dealerships, and track improvements over time
- Advanced Reports allow managers to see which employees need further testing
The cost of the training program is just $15 per employee, per year. Helion has customized the KnowBe4 training system to simulate phishing emails that auto dealerships typically receive; and manages all onboarding, setup, integration, ongoing maintenance and support.
The new service is available February 1st, 2019. To learn more or to enroll in the security awareness training program, stop by booth # 6453W at the NADA Convention and Expo or call Helion Technologies at 443-541-1500. Schedule an appointment at NADA using this link: http://bit.ly/NADA6453W