A ransomware response plan is essential for auto dealers
High-profile cyber incidents have highlighted the need for auto dealerships to prepare for the impacts due to loss of critical services and theft of sensitive data. Here are some factors to consider when creating an incident response plan.
5 minute read
Key takeaways
- Auto dealerships are facing an increasing number of cyberthreats that can debilitate operations and compromise customer and financial data.
- Creating a ransomware response plan is a critical piece of any dealership’s preparedness.
- By implementing basic controls and best practices, an incident response plan can improve security for dealerships, even those with limited IT and cyber defense budgets.
When a software and applications vendor was compromised by ransomware in June 2024, thousands of auto dealerships felt the effects. Essential management systems became inaccessible, sales and financing transactions went manual or stopped, and sensitive customer and business data was compromised. By one estimate, auto dealerships lost over 50,000 new vehicle sales and suffered over $1 billion in damages in the month after the incident was reported.1
Although this was an “upstream” incident that began with a critical service provider, the ransomware event highlighted the elevated risk auto dealerships face. A 2024 study found that 35% of surveyed dealers had dealt with some type of cyber incident in the past year. What’s more, ransomware was rated as the most serious cyberthreat these businesses face.2
In this environment, every dealership needs a plan for what they must do if they’re targeted.
Why a ransomware response plan is essential
Even dealerships that lack the resources to hire security professionals or invest in advanced controls can greatly improve their defenses by constructing a response plan that includes proactive measures such as data protection, raising employee awareness and implementing core best practices.
A plan that outlines how a business can prepare against cybersecurity threats and respond to incidents can help limit the damages related to loss of data and operations. It can also improve the chances of avoiding many types of incidents, including ransomware.
The guidelines below can help dealerships create a response framework that can be tailored to their specific organization and capacity for planning.
Key elements of a ransomware response plan
Ransomware response depends on a timely assessment of a live incident’s severity and impact, clearly defined roles and reactions and a thorough investigation to ensure the threat is neutralized and operations can be brought back to a secure state. To be effective, your strategy must be in place before an incident occurs. Here’s how to get started.
Fraud & Cybersecurity
New threats emerge every day that can negatively impact transactions and businesses. Explore the latest insights and resources to help prepare and protect you and your business.