CDK Incident - Critical Cybersecurity Reminders for Your Dealership

In light of recent highly publicized cybersecurity events (such as the CDK incident) within the automotive industry, we want to remind you of critical steps all dealers should take to protect against potential threats posed by malicious actors. While there is no way to be 100% immune from such attacks, there are some important tools you should be using.   

As your trusted partner, we strongly recommend implementing available cybersecurity measures to safeguard your business, including the following:

1. Endpoint Detection and Response (EDR): EDR solutions act like a security camera to provide real-time monitoring, detection, and response capabilities to identify and mitigate potential security breaches on your dealership's devices and networks.
2. Penetration Testing: Regularly conducting penetration testing allows you to proactively identify vulnerabilities in your systems and networks before they can be exploited by bad actors. This practice helps strengthen your overall cybersecurity posture.
3. Phishing Simulations: Phishing attacks remain one of the most common methods used by cybercriminals to gain unauthorized access to sensitive data. Conducting phishing simulations trains your employees to recognize and report suspicious emails, reducing the risk of successful phishing attempts.
4. Multi-Factor Authentication (MFA): Implementing MFA adds an extra layer of security to your dealership's user accounts. By requiring users to provide additional verification factors, such as a smartphone app or hardware token, MFA significantly reduces the risk of unauthorized access, even if passwords are compromised.
5. Vulnerability Scanning: Regular vulnerability scanning helps identify potential weaknesses in your dealership's systems, applications, and networks. By proactively detecting vulnerabilities, you can prioritize and address them before they can be exploited by malicious actors.
6. Service Provider Oversight: The Safeguards Rule (and good practice) requires you to take certain specific actions with respect to your service providers' contracts and cybersecurity tools to ensure that all your systems are enacting appropriate tools to protect your data.

Dealers should use these tools - not only because it's required under federal law - but more importantly, to protect their systems and their data. And just using the tools is not enough - you should also take prompt steps to address any vulnerabilities that these tools may detect.