Cyber Risk Understanding and Transferring Cyber Risk for Auto Dealerships BY STEVE ROBINSON, NATIONAL CYBER INSURANCE PRACTICE LEADER, RISK PLACEMENT SERVICES As every business in today’s digital age increasingly relies on technology to manage all facets of their operations, cyber threats have become a significant concern. This ever-increasing reliance on technology and the vast amount of sensitive customer data stored has placed auto dealerships in the crosshairs of cybercriminals. To mitigate the potential financial and reputational damages resulting from cyber incidents, it is crucial for dealerships to understand the risks they face and the importance of effectively transferring that risk through a combination of improved cybersecurity practices along with the purchase of comprehensive cyber insurance coverage. UNIQUE THREATS TO AUTO DEALERSHIPS Auto dealerships present a unique treasure trove of personal and financial information for cybercriminals, often set against a backdrop of porous security practices when it comes to protection against such attacks. Cyber events can range from ransomware attacks, data breaches, Distributed Denial of Service (DDoS) attacks and phishing scams to social engineering attacks. Moreover, the open-air sales floor environment often allows easy access to private information and critical systems, making auto dealerships unique from other, traditionally well-protected physical environments in the financial services sector. This, combined with a generally high rate of staff turnover, makes instilling a consistent culture of data security even more challenging. It is essential for auto dealerships to recognize that cyber threats are constantly evolving. Staying ahead of these threats requires proactive measures, including robust cybersecurity protocols, continual employee training, and comprehensive cyber insurance coverage. IT’S ABOUT MUCH MORE THAN MONEY A cyber incident can have severe financial and reputational consequences for a car dealership. The costs associated with a data breach or cyberattack can be substantial, including legal fees, forensic investigations, customer notification costs, credit monitoring services, and potential regulatory fines. On the regulatory front, auto dealerships are seen by the Federal Trade Commission through the lens of a bank more than a retail store when it comes to required security practices, policies, and procedures. Moreover, the damage to a dealership’s reputation can lead to a loss of customer trust and loyalty, ruining any potential future revenue opportunities. Cyber insurance can provide financial protection by covering costs to help maintain the dealership’s reputation. These days, it doesn’t matter that you had a cybersecurity event but rather how you responded to the event, and whether your organization maintained the confidence of your impacted customers along the way. A properly designed cyber insurance program can align the resources of expertise and money to enable a dealership to respond to these events in a timely and professional manner while ensuring compliance under various state and federal privacy laws.
RkJQdWJsaXNoZXIy MTg3NDExNQ==