More dealers plan to invest in cybersecurity
Especially in the advent of digital retailing, CDK Global sought to gauge how much dealerships are looking to protect themselves and their customers from online threats.
According to findings from a CDK Global study released on Wednesday, rising concerns of ransomware and phishing attacks impacting have prompted nearly half of dealers surveyed to plan for increased investments in cybersecurity in 2022. That’s compared to only 24% of dealers that invested in security measures in 2020.
“Meeting consumer demand for online automotive retailing while operating on an outdated framework can create a perfect storm for a cybersecurity breach,” said Joe Bell, vice president of IT solutions and global network architecture at CDK Global.
“By adding protective layers of security through integrated visibility and monitoring tools, dealerships can mitigate their risk of lengthy downtime for data recovery,” Bell continued in a news release.
CDK Global pointed out that IT-related business interruptions can be costly errors for dealerships, impacting businesses an average of 16 days in lost revenue if targeted by a cyberattack. Company expects said that recovering from a data breach and restoring a dealer’s reputation is both costly and time intensive, and automotive retailers may fall prone to meeting cybercriminals’ demands to keep their dealerships running.
In fact, recent data by ransomware specialty company Coveware shared in the CDK Global news release showed that payouts by businesses nearly quadrupled from 2019 to 2020, jumping from nearly $44,000 to $169,000.
CDK added that its cybersecurity report highlighted the need for dealerships to put necessary preventative measures in place to stem future incidents, including:
— While dealerships recognize there is an increased sense of urgency to prioritize cybersecurity relative to other operational areas (85%), only 49% believe they currently have adequate protection against cyberattacks.
— Employee email phishing remains the biggest perceived threat to dealer businesses (66%), but less than a third of employees have received formal security training on how to avoid it. Additional concerns include ransomware (48%) and malware (30%).
— A total of 65% of dealerships are regularly backing up data, system images and configurations and keeping the backups offline, but 73% are not testing their cyberattack incident response plan.
“Investing in modernizing aging security products, educating employees on increasingly sophisticated and frequent threats, and solidifying disaster recovery plans before an incident occurs can uphold a dealership’s reputation in the marketplace,” Bell said.
“If an automotive retailer’s cybersecurity plan for prevention, protection and response is firmly in place, dealerships can focus on strengthening the consumer buying experience while building trust,” he continued.
The company recapped that the CDK Global inaugural Dealership Cybersecurity Report was conducted in June among a national sample of 135 dealerships. The interviews were conducted online by CDK Research & Insights.
Participants included dealer executives, IT decision makers and departmental influencers within the dealerships.
To view CDK’s Dealership Cybersecurity Report, go to this website.