Guarding Against Cyber Threats: 11 Key Strategies for Dealerships Amidst the CDK Global Breach

By Joel C. Kreider, CPA and Nathaniel J. Yost, CPA

The recent breach of dealership software provided by CDK Global underscores the critical need for robust cybersecurity measures within automotive dealerships. This breach has significantly impacted many dealers, exposing vulnerabilities and emphasizing the importance of proactive cybersecurity strategies.

Whether or not your dealership was affected, the reality is that the next cyberattack is mostly a matter of when, not if.

Dealers must take proactive steps to avoid becoming victims of cybercrime. Here are 11 tips to help your dealership deal with and guard against a hack should one occur:

1. Assess the impact

Whether or not your dealership was affected by the CDK breach, it's essential to evaluate your cybersecurity posture. If impacted, understand the breach's extent, secure compromised systems, and review exposed data.

For those not impacted, use this opportunity to assess vulnerabilities, ensure robust security protocols, conduct penetration tests, and stay informed about emerging threats. The more proactive you are, the more resilient your dealership can be against future cyber threats.

2. Secure financial systems

Implement multi-factor authentication for remote entry and enforce strong passwords across all systems. Encrypt data to ensure it is unreadable if stolen. Designate approved computer-related applications for employees, such as platforms for virtual meetings. Regularly review and update your organization's security policies and protocols, especially those related to handling financial data.

3. Communicate internally and have a Crisis Response Team

Notify all relevant personnel within the accounting department about the breach and instruct them on any immediate actions they need to take to secure their accounts or systems. Establish a Crisis Response Team with main points of contact in case of a cybersecurity incident. If hackers penetrate your system, you will want a group that includes your IT team, an attorney, a forensic accountant, and a cybersecurity expert.

4. Review transaction logs

Routinely examine transaction logs and financial records for any unauthorized or suspicious activity. Look for anomalies that may indicate fraudulent transactions and investigate them thoroughly.

5. Enhance security protocols

Continuously review and update your organization's security policies and protocols. Ensure all systems are checked for vulnerabilities and patched where necessary. Continue to train employees on best practices for cybersecurity and data protection. Remember, guarding against cyberattacks is not a once-and-done affair.

In light of the CDK Global breach, it's crucial to ensure employees remain vigilant and aware of phishing and other scams designed to steal business information. The public nature of the ransomware attack has emboldened scammers to exploit the situation. Fraudsters may trick recipients into clicking suspicious links, divulging personal and financial information, or downloading malware. Ensure your staff is cautious about unsolicited messages and avoids clicking on links in unexpected emails or texts.

6. Monitor for fraudulent activity

Continuously monitor accounts and financial transactions for signs of fraudulent activity. Set up alerts for unusual transactions or access attempts to detect potential breaches early.

7. Prepare external communications

Work with your PR and legal team to craft a standard prevailing crisis communications strategy. In the event of a breach or other crisis, your internal and external teams can immediately prepare the appropriate communication with external stakeholders such as customers or regulatory bodies, depending on the severity. During a crisis, coordinate public statements with your legal and PR teams to manage the situation effectively.

8. Learn and improve

Conduct a post-incident review with your Crisis Response Team to analyze what went wrong and implement necessary changes to prevent similar incidents in the future. Use this experience to strengthen your organization's cybersecurity posture.

9. Make sure you have a disaster recovery plan that includes backup information

Develop a disaster recovery plan that includes regular data backups, such as vehicle inventories and customer information. Ensure employees know how to restore information from backups, and verify that backup procedures are isolated from network connections. Keep your disaster recovery plan updated and include scenarios for various emergencies, including cyberattacks, power outages, and weather-related incidents.

10. Review vendor relationships

Assess the security measures of third-party vendors or partners with access to your financial systems. Consider making changes to these relationships to enhance overall security and reduce potential vulnerabilities.

11. Evaluate your insurance policies

Don’t wait until a cyberattack to start reviewing your coverage. Many companies find their existing business coverage inadequate if they face significant disruption. In the event of a hack, contact your carrier immediately. Failing to notify them promptly can result in a denied claim.

Moving forward

The ongoing repercussions of the CDK Global breach underscore the need for these measures, and by implementing the 11 tips outlined above, you can significantly strengthen your dealership's cybersecurity posture.

Ensuring your dealership has the necessary cyber safeguards is challenging. Boyer & Ritter can help. From the industry experts in our Dealership Group to our Operations and Technology Solutions team, our firm is ready to help your dealership develop practices and procedures to guard against hacks and, should one occur, help your organization deal with any issues.