Sure, technology is rapidly advancing the automotive retail and lending industries, but this evolution has also brought about new challenges in the areas of cybersecurity. A major ransomware event in the summer of 2024 made many headlines, and since then the entire industry is taking a closer look at digital security.
Even with the increased awareness, an online survey Botdoc conducted of more than 2,500 dealership professionals in November shed light on the alarming gaps in cybersecurity practices among auto dealerships and lenders, highlighting the continued need for enhanced data-protection measures.
Still a Glaring Deficiency
The survey results revealed a concerning trend: While many dealerships have implemented basic security measures, such as antivirus software (17.48%) and firewalls (19.42%), there is a major deficiency in more advanced protections. The lack of comprehensive cybersecurity strategies leaves dealerships vulnerable to cyber threats, which can have devastating consequences for both the businesses and their customers.
One of the most striking findings from the survey is the minimal adoption of secure data-in-transit solutions, with only 9.7% of dealerships currently employing the critical component.
Secure data-in-transit solutions are essential for protecting sensitive customer information as it is transmitted between systems. Without the protections, data can be intercepted and compromised, leading to potential data breaches and identity theft.
Some Dealers Unsure If They’ve Been Hacked
Furthermore, the survey reveals a troubling trend in cyberattack experiences. While 19.4% of dealerships reported they have been victims of data breaches or cyberattacks, a significant 40.7% remain unsure if they have been compromised at all.
The uncertainty points to a critical need for improved detection and response capabilities. Dealerships must be able to promptly identify and respond to cyber threats to mitigate potential damage and protect customer data.
The importance of data protection cannot be overstated, especially in an industry that handles a vast amount of personal and financial information. Auto dealerships collect and store data, such as customer names, addresses, Social Security numbers and credit card information. The data is a prime target for cybercriminals, who can exploit vulnerabilities to gain unauthorized access and misuse the information for fraudulent activities.
Despite the clear risks, the data indicates that many dealerships are not prioritizing cybersecurity to the necessary extent. The oversight can be attributed to several factors, including a lack of awareness about the severity of cyberthreats, limited resources, and the misconception that basic security measures are sufficient. However, as cyberattacks become more sophisticated, it is imperative for dealerships to adopt a proactive approach to cybersecurity.
Finding Resources Still Difficult
A key challenge highlighted by the data is the difficulty dealerships face in finding the right cybersecurity tools and resources. Twenty-four percent of respondents cited an inability to find the right partners or resources as their biggest obstacle in implementing cybersecurity measures. The struggle emphasizes the need for specialized cybersecurity solutions tailored to the auto dealership industry. Dealerships require partners who understand their unique challenges and can provide customized solutions to address their specific needs.
To address the gaps, dealerships must first recognize the critical importance of data protection and the potential impact of a data breach. The awareness should be followed by a comprehensive assessment of current cybersecurity practices and the identification of areas requiring improvement.
Moreover, employee training and awareness programs are crucial in fostering a culture of cybersecurity within the organization. Employees should be educated about the latest cyberthreats, safe online practices, and the importance of safeguarding customer data. By empowering employees with the knowledge and tools to recognize and respond to potential threats, dealerships can significantly reduce the risk of cyber incidents.
Collaboration with cybersecurity experts and industry partners can also play a vital role in enhancing the security posture of auto dealerships. The partnerships can provide access to the latest threat intelligence, best practices, and advanced security technologies. Additionally, dealerships can benefit from participating in industry forums and networks that focus on cybersecurity, allowing them to stay informed about emerging threats and solutions.
Despite the challenges, there is a silver lining. The survey indicates that many dealerships are planning to invest in various cybersecurity technologies this year. Cloud security solutions (20.39%), ransomware defense (19.42%), and AI for threat detection (17.48%) top the list of planned investments.
However, it is also concerning that only 9.71% of dealerships plan to invest in secure data-in-transit solutions, despite the critical importance of protecting data during transmission. That highlights the need for dealerships to prioritize investments in comprehensive cybersecurity measures that address all aspects of data protection.
The industry data trends serve as a wake-up call for the automotive industry, underscoring the need for immediate action to address cybersecurity gaps. With the continued evolution of digital strategies, the protection of customer data must be a top priority. Dealerships that fail to implement robust cybersecurity measures risk not only financial losses and reputational damage but also the trust and loyalty of their customers.
The alarming trend of inadequate cybersecurity practices among auto dealerships highlights the urgent need for enhanced data-protection measures. The survey conducted in November exposes significant gaps in current practices, particularly in the adoption of secure data-in-transit solutions.
To safeguard sensitive customer information and mitigate the risk of cyberthreats, dealerships must prioritize cybersecurity, invest in advanced security technologies, and foster a culture of awareness and vigilance. By taking those proactive steps, the industry can better protect itself and its customers in an increasingly digital world.
Karl Falk is founder and CEO of Botdoc, which allows organizations to employ a secure and encrypted channel with consumers to exchange documents, signatures, payments and other capabilities without the traditional challenges of passwords, applications, log-ins or plug-ins.
EDITOR’S NOTE: This article was authored and edited according to Auto Dealer Today editorial standards and style. Opinions expressed may not reflect that of the publication.
