Cybersecurity isn’t something that most dealership owners and managers think about on a daily basis. But when network protection lands on the back burner, sensitive customer data can be put at risk. That can lead to costly incidents for auto and truck dealerships. 

A ransomware attack can cost millions and lead to outages that shut down sales for hours, if not days or weeks. In some states like California, non-compliance with cybersecurity best practices can lead to hefty fines as well. Getting your IT security and data storage practices up to snuff is more than just good cybersecurity sense, it’s good business. 

We asked Erik Nachbahr, president and founder of Helion Automotive Technologies, what shortcomings he frequently encounters when assessing and fortifying dealership IT systems to meet CCPA regulation requirements. Here’s what he had to say:

What’s the first step in shoring up cybersecurity at a dealership, either for CCPA specifically or just to improve overall IT hygiene?

Erik: Before doing anything else, dealerships need to do a full audit of their existing IT systems. 

A lot of managers at dealerships don’t know what kind of hardware and software they have running at a given time. Which makes sense on some level — they aren’t IT people, their attention is focused on sales. But outdated network hardware, a porous software plug or integration, or poorly managed ports can leave your network wide open to bad actors.

Once completed, compare audit results with current cybersecurity best practices. That seems like a big pain, but it’s essential for maintaining a strong data security posture — and, on an aside, it offers an opportunity to review vendor relationships, to see where you could be saving money or getting better performance and connectivity. 

A lot can change in a year or two, much less five or six years.

Okay, our network is fully audited and we’re on the way to meeting best practices. What next?

Erik: The majority of cyber attacks aren’t performed by frontal assault — hackers want to take the easy way in if they can. A DDoS attack requires a lot of skill, resources, and luck. But any cybercriminal can get an employee to click on an email link or attachment. People are easier to trick than software. 

That’s why most successful penetrations come from phishing emails. Once you’ve audited your software and hardware, it’s important that you look into your administrative access. The way your organization stores data can impact the severity of a breach. When sensitive customer data isn’t properly siloed and admin protected, any employee that clicks on the wrong spam email puts your dealership at risk of a major cybersecurity breach.

Next, it’s time to educate your staff. Something like 91% of all successful data breaches originate from phishing emails, and 71% of all phishing emails target small businesses. 

Smart dealerships support regular internal education to make sure that everyone, from the reception desk to finance to sales, knows how to spot an email scam. 

Beyond training and access for staff, what technical concerns do you see most frequently?

Erik: The fact is most dealerships don’t have robust enough protections on their IT environment. Very few continuously monitor for vulnerabilities by tracking open ports and running penetration tests. A lot of the blame for this can be placed on security software itself, which lulls layman users into a false sense of security (literal and figurative in this sense). 

If you aren’t actively monitoring for vulnerabilities and irregularities, in addition to keeping an eye on your outward-facing IT defenses, your data is at risk.

Any other valuable tips for our readers?

Erik: The last tip is probably one of the most important — plan for incident response. I can’t stress this one enough. No matter how strong your defenses may be, there’s always the chance some of your data will get breached. Upward of 80% of all companies will experience some kind of hack in the next year. The big question is, what do you do when that happens?

Downtime is extremely costly for auto and truck dealerships. When a data breach or ransomware attack occurs, your first objective is to stem the bleeding so you can get back to selling vehicles fast. An incident response plan will tell your team who is responsible for what actions, how to limit the impact of the breach, and who to contact for backup.