The cybersecurity poverty line is a term used to understand your dealership’s cybersecurity shortfalls and what needs to be done to level-up and enhance your cybersecurity posture.  The line represents the threshold for what’s considered to be an acceptable line of cyber defense.

Dealerships that fall under the cybersecurity poverty line lack the budget, knowledge, and expertise to achieve and maintain an appropriate level of cyber hygiene and cyber threat hunting capabilities.  It’s the capacity of an IT team to perform these two functions continuously that determines a dealership’s position relative to the cybersecurity poverty line.

Cyber hygiene is the habitual practice of ensuring the safe handling of sensitive data and the security of your network.  These practices include the inventory of all endpoints connected to the network, ongoing vulnerability management, implementation of multi-factor authentication (MFA), and the expedient patching of all software.  Cyber hygiene is important because it makes it more difficult for the cybercriminal to penetrate your dealership – thus improving your cybersecurity posture.

Cyber threat hunting is an active, ongoing cyber defense activity.  This is a 24/7/365 activity that involves constantly searching through your dealership’s network to detect and isolate cybersecurity threats that elude existing security solutions – like antivirus software.  Cyber threat hunting uses a combination of manual and machine assisted techniques to find indicators of compromise (IOCs) and indicators of behavior (IOB) across a dealership’s IT environment.  Active cyber threat hunting is essential to identifying and stopping a threat early in its lifecycle and minimizing the threat’s impact on your dealership.

It’s important to remember however, that the cybersecurity poverty line moves as the cybercriminal’s tactics – and cyber defense best practices – evolve.  This is why, an annual cybersecurity risk assessment is so important.  An annual assessment provides you with valuable insight into your dealership’s position relative to the poverty line.  The assessment empowers you to effectively manage your dealership’s cybersecurity risk.

For many, IT and cybersecurity has traditionally been considered an expense to be minimized.  As the incidence and severity of cybercrime continues to rise this modus operandi is no longer valid.  Those with the “if it’s not broken then don’t fix it” mentality may soon be reading about themselves in the news.  So, what should you do?

The place to start, is to shine a light on your cyber defenses and the gap between where you are and the cybersecurity poverty line.  To do this, you need to have a cybersecurity risk assessment performed.  This assessment will compare your IT environment and cyber defenses against cybersecurity best practices like those developed by the Center for Internet Security (CIS).