Sound merger and acquisition often checks on a company’s cyber safeguarding and data transfer provisions said the President of investment banking and dealership advisory firm Presidio Group. Specifically, auto dealership purchase agreements many times include representations that the seller has complied with Gramm-Leach-Bliley and has taken reasonable steps to protect their computer systems and customers’ information, said a principal attorney and partner with Holland & Knight in Denver, CO who works on dealership transactions.[1] In the future, Safeguards Rule compliance likely will be added to the list of questions buyers ask about data security in their due diligence process.
Dealership buyers can start a risk assessment before a transaction closes by asking sellers to provide questionnaires they give cyber insurance providers, which generally mirror the US Federal Trade Commission’s z(FTC’s) requirements.
The Asbury Automotive Group Inc. in Georgia frequently looks for vulnerabilities in its own systems, as well as in systems for stores it plans to acquire, company leaders said last week. The publicly traded group rose one spot to No. 5 on Automotive News‘ most recent list of the top 150 dealership groups based in the US, sustained by its $3.2 billion purchase last year of Larry H. Miller Dealerships’ 61 new and used vehicle stores. “When you buy a single store, it needs a lot of work and structure on the IT side, especially on the security side,” the Asbury CEO said. “Most of the smaller groups have minimal security on their systems. They have it, but it’s minimal. Being a large company, we have layers of protection. So, in every acquisition we’ve done, even the big ones like [Larry H.] Miller and Park Place [Dealerships], we’ve had to add layers on top of their security, just to get ourselves comfortable. Certainly, Park Place had a more sophisticated one and so did the Millers. But being public, we enhanced it further.”
The CDK Global 2018 Dealership Cybersecurity Study found that 85% of IT staff say their dealership had experienced a cyber security incident within the previous two years. In 2021, the CDK Global 2021 State of Cybersecurity in the Dealership Report reflected that the average ransomware payout had increased seventeen-fold (17 x) in two years, up to $220,298 per incident. That’s an average, though, and the individual demand could range into the millions.[2] Dealerships have tightened their defenses since the 2018 report, but there continue to be areas that can be improved.
There is now a positive shift in the auto dealer mindset. The 2021 State of Cybersecurity in the Dealership Report also identifies a 16-day downtime due to ransomware attacks, essentially grinding a dealership’s operations to a halt for a half-month. It is no wonder that most SMBs can only last from three to seven days with their financial revenues shut off or scrambling to implement a stopgap.
It is critical to have the proper infrastructure in place to combat the effects of a cyberattack, including offline backups and monitoring software that help employees identify when an email or website isn’t secure. But there is more to dealership cybersecurity.
Dealers are in the car business, but that with current technology it is hardly the case anymore. Dealers are now in the customer service business primarily, and an increasing part of the business is software-related as cars become more connected. The CDK Global report says that “84% of consumers said they would not go back to buy another vehicle after their data had been compromised.” If dealerships are targeted, there is a serious likelihood that many customers will never return.
Cyber-attacks are increasing in frequency in the US, and they are emanating from new sources all the time. Protecting your dealership from the disruption and potentially costly payout or a ransomware attack could keep you in business while other less protected companies are put out of business. Red Sky Alliance has helped many companies with M&A threat and vulnerability assessments.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www.redskyalliance.org/
- Website: https://www.wapacklabs.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings:
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://usnewsmail.com/news/health/go-big-or-go-home-houston-wants-new-orleans-level-hurricane-protection-but-will-it-be-too-little-too-late/
[2] https://www.cbtnews.com/ransomware-attacks-are-on-the-rise-is-your-auto-dealership-secure/
Comments