Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsRetail/Restaurants/Convenience

Dealerships must put cybersecurity plans in place for FTC compliance

By Brenda Lynch
Car dealership

Image via Unsplash

February 8, 2023

With new cyberattacks emerging at a rapid rate, it is essential for auto retailers to protect their dealerships and customer data. According to CDK Global's State of Cybersecurity e-book, less than 50% of dealers are adequately prepared to meet the Federal Trade Commission's (FTC) cybersecurity requirements by June 9, 2023. In addition, only 35% fully comprehend the new ruling, which includes such protection mandates as multi-factor authentication, data encryption and data and systems inventory.

The stakes have escalated in terms of avoiding IT-related business outages, reputation damage and fines for failing to comply with the FTC’s new deadline, according to the e-book, which compiled automotive-specific survey data from dealership personnel to provide peer-to-peer insights to consider when evaluating cybersecurity posture and ongoing strategy for the June 9 compliance.

For example, the main threats that dealers are now experiencing, include: email phishing, ransomware and lack of employee awareness. While auto retailers understand the importance of these cybersecurity threats and are still concerned — 89% of those surveyed say these threats are more important than a year ago — dealers are only 37% confident in their protection.

Ransomware is a major point of focus as hackers continue to hitting increasingly bigger targets. Hackers thrive in a business model that is financially attractive for them: low overhead and high profits, making dealerships a prime target. Looking at the average payouts over time, there is some volatility, although the costs remain high and are an enormous burden for the average dealership.

The average payout for ransomware was $228,125 for the second quarter of 2022, which is an 8% increase from the first quarter. The growing payout amount is likely due to increased work-from-home environments and reliance on distributed networking and applications needed to support this adjustment in employee behavior.

Auto retailers have been doing well with implementing anti-virus software, securing their network, patching and pursuing cyber insurance. However, gaps remain, such as real-time monitoring and formal cybersecurity response plans, which are critical components for the FTC Safeguards Rule. The amended rule includes compliance measures such as securing customer data and implementing a comprehensive information security program.

Dealers must ensure they are collaborating with their software vendors to meet these requirements and have a comprehensive and flexible plan in place for both the IT infrastructure and cybersecurity protection. It is also recommended that dealers have a qualified person or leader to take charge of cybersecurity posture within the dealership. They can consider investing in a chief information security officer (CISO) or Virtual CISO, while working with their legal team along the way.

There's no one-size-fits-all approach to cybersecurity. It is a moving target that requires constant attention. The top concern is no longer if you get attacked, but when. However, having a layered approach to protecting a dealership’s IT infrastructure through proactive cybersecurity measures can help cut through the complexity, including:

  • Prevention: 24/7 monitoring, web content filtering, employee training, authentication and compliance.
  • Protection: Detect incoming threats, rogue device detection and securing devices and networks.
  • Response: Contain threats quickly through recovery, roll back computers to a known good state, remediation, containment and a robust response plan.

A solid plan helps minimize uncertainty, confusion and guesswork. By following the right cybersecurity plan, dealerships can assemble a security team that is ready to reduce threat response time and malicious activities. Staying ahead of evolving technology and cybersecurity will continue to be a crucial component to running a competitive, successful dealership.

More information on the e-book is available here.

KEYWORDS: cybersecurity FTC regulations hackers IT infrastructure monitoring theft prevention

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Brenda Lynch is a Senior Product Marketer at CDK Global.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Leadership and Management
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Broken wet floor sign

Why Response Time Is Becoming the Missing Metric in Workplace Safety and Security

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Medical professional

Nearly 85% of Nurses Experienced Workplace Violence in the Last Year

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • coronavirus

    Half of information security professionals had no contingency plan in place for COVID-19

    See More
  • cell phone security

    Everything in One Place: Best Practices for Keeping Mobile Devices Secure

    See More
  • us-capitol

    Security practices state Capitols should put in place today

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • Hospitality Security: Managing Security in Today's Hotel, Lodging, Entertainment, and Tourism Environment

  • Photonic Sensing: Principles and Applications for Safety and Security Monitoring

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing