Why are the FTC Safeguard Rules for dealerships important?
Security breaches have become a seemingly-normalized issue today. When looking at the world of retail car dealerships, cybersecurity is so important the Federal Trade Commission (FTC) created the Safeguards Rule to ensure financial institutions have a comprehensive information security program. The regulations of the Safeguards Rule will be updated on June 9, 2023. Despite this, CDK Global noted only 47% of dealerships say they are well-prepared to be compliant with the new regulations.
An ill-prepared dealership can fall victim to ransomware. The average payment that is extorted because of ransomware in Q2 of 2022 is more than $228,000, which is an 8% increase from Q1 in the same year. While it may seem ransomware only targets large companies, smaller institutions are just as vulnerable. The Safeguards Rule is designed to make sure all retail car dealerships have some way to combat the seemingly infinite amount of ransomware and phishing attempts out there.
Retail car dealerships should take cybersecurity seriously - not only for the sake of complying with the FTC’s Safeguards Rule, but for the sake of their employees, their customers, and the livelihood of their business.
Regardless of the size of your dealership, information is valuable. Any information gathered by someone with malicious intent can be leveraged to extort money. Not only that, but any breaches of the updated Safeguards Rule can lead to fines of around $46,500, with investigations that can lead to further penalties.
Cyber criminals look to exploit cracks in any company's cybersecurity practices, and they will test any and all firewalls for vulnerabilities.
When you think about all the information you gather from your clients, there is a vast amount of information that can be used that could impact your business negatively. Email addresses, passwords, payment information, the list goes on. Both your employees and clients expect you to keep this sensitive data safe, whether you’re a team of five or 500. If the data you have allows you to do business, that data should be properly protected.
In our increasingly interconnected world, having and maintaining a security posture is becoming a requirement rather than an option. Having the proper security and IT systems in place will give you peace of mind, not to mention a competitive advantage in the auto retail marketplace.
As the deadline to align your company’s cybersecurity plan to the updated Safeguards Rule approaches, it can be overwhelming to understand the Rule itself, and what you can do to ensure that you remain compliant. Having a team to monitor the activity of your retailer, and mitigating the risks that can come up through phishing attacks is one of many things that you can do to become compliant with the updated FTC ruling.
It’s never been more important for auto retailers to elevate their security game. The good news is now best-in-class tools and security expertise (like SIEM and a SOC), that were previously only available to the enterprise are now within reach.
Learn more about Judy, the all-in-one cybersecurity platform and see all how she can protect your businesses.