A vast majority of consumers said they would not buy another vehicle from a dealership after their data had been compromised, according to a recent survey given to both dealers and buyers.
The second annual dealership survey by Total Dealer Compliance also showed that fewer than a third of dealers employ a network engineer with computer security certifications/training.
“As car dealerships continue to be a real target for cybercriminals, with fewer data-protection measures in place than most other industries, we set out to discover the effect this is having on a car dealership’s bottom line,” Max Zanan, president of TDC, said in a news release. “Our report discovered that more than 70 percent of dealers are not up to date on their anti-virus software, and nearly a third of consumers lack confidence that their personal data is secure when purchasing a vehicle.”
Highlights from the survey given to dealers include:
— Nearly 85 percent have a contract with a 3rd party vendor to handle more complex IT work.
— Only 30 percent of dealers employ a network engineer with computer security certifications/training.
— Only 25 percent hired a third party vendor to try to hack into their networks to test their vulnerability.
— More than 80 percent employ an IT engineer to handle basic day-to-day work.
— More than 70 percent of dealers are not up to date on their anti-virus software.
Highlights from the consumer survey include:
— Nearly 33 percent of consumers are not confident in the security of their personal and financial data when making a purchase at a dealership
— Just under 84 percent of consumers will not go back to buy another vehicle from a dealership after their data has been compromised
TDC recommends that dealerships should regularly conduct IT vulnerability scans, Windows security checks, provide online courses on networking, as well as implement a solid computer security policy. TDC conducts vulnerability scans by using independent “White Hat” hackers to discover a dealership’s cyber vulnerabilities and based on those vulnerabilities discovered, create policy.
“Car dealerships need to put procedures in place to help prevent cybersecurity attacks. We help dealers focus on social engineering and how not to fall victim to hacking,” Zanan said. “As ever, our report turns a spotlight on the hot topic of data security, revealing the necessity of having strict policies and procedures in place that are being adhered to by all employees to ensure consumer confidence and loyalty.”