Multi-Signal Managed Detection and Response for US Automotive Dealers

Prevent revenue disruption and achieve compliance with 24/7 threat detection, investigation and containment that secures your auto dealership

According to the new Federal Trade Commission (FTC) Safeguards Rule update, automotive dealerships are considered financial institutions since they are a business that engages in activities that are financial in nature by issuing and extending credit for the purposes of leasing or financing automobiles. As a result, all auto dealerships in the U.S. are required to comply with the FTC Safeguards Rule, which was first introduced in the 2003 Gramm-Leach-Bliley Act (GLBA), designed to protect sensitive customer information.

As a financial institution with access to highly valuable customer data, automotive dealers are expected to deploy and implement an information security program with administrative, technical, and physical safeguards designed to:

• Ensure the security and confidentiality of consumer information.
• Protect against anticipated threats or hazards to the security or integrity of that information.
• Protect against unauthorized access to that information that could result in substantial harm or inconvenience to any customer.

Many auto dealers may think of themselves as a local small business within a community. However, given that dealerships are considered the retail operational fronts for the automotive industry, they are highly susceptible to cyberattacks that impact the financial, retail, and manufacturing industries. In addition, there are two primary reasons that auto dealerships are attractive targets for cyberattacks:

• Automotive dealers are susceptible to experience a higher volume of cyber threats due the considerable amount of sensitive customer data they possess.
• Senior leaders may not see their dealerships as an attractive target, even if they understand the importance of cybersecurity.

It’s likely that cybersecurity is not top-of-mind for auto dealerships, rendering them poorly prepared to withstand or recover from a cyberattack. As a result, cybercriminals, many of whom use Ransomware-as-a-Service (RaaS) or Malware-as-a-Service (MaaS), view the average dealership as low hanging fruit with the potential of a quick payday.

Achieve Compliance with the FTC Safeguards Rule to Protect Customer Information

By June 9, 2023, new Federal Trade Commission (FTC) Safeguards Rule requirements come into effect. All financial institutions – including automotive dealerships – must comply with the updated requirements and will be expected to have deployed and implemented an information security program with administrative, technical, and physical safeguards to protect customer information.

The Safeguards Rule defines “customer information” as any record containing nonpublic personal information about a customer of a financial institution, whether on paper, electronic, or other forms, that is handled or maintained by or on behalf of you or your affiliates. It also further defines personally identifiable financial information to mean any information:

• A consumer provides to you to obtain a financial product or service from you;
• About a consumer resulting from any transaction involving a financial product or service between you and a consumer; or
• You otherwise obtain about a consumer in connection with providing a financial product or service to that consumer.

Potential GLBA Penalties

GLBA applies to all financial institutions, including auto dealerships, and penalties for noncompliance include fines and imprisonment. Any auto dealership that is found to be in violation of the GLBA may be subject to:

Introducing eSentire

We are recognized globally as the Authority in Managed Detection and Response because we hunt, investigate, and stop known and unknown cyber threats before they become business disrupting events. We were founded in 2001 to secure the environments of the world’s most targeted industry—financial services. Over the last two decades, we have scaled our cybersecurity services offering to hunt and disrupt threats across every industry on a global scale.

With two 24/7 Security Operations Centers (SOCs), hundreds of cyber experts, and 2000+ customers across 80+ countries, we have scaled to deliver cybersecurity services across highly regulated industries with a proven track record of success in securing businesses in the automotive industry.

At eSentire, we go beyond the market’s capability in threat response and specifically address cybersecurity risks for the automotive industry. eSentire’s multi-signal MDR approach ingests endpoint, network, log, cloud, asset and vulnerability data to enable complete attack surface visibility. Enriched detections from the eSentire Threat Response Unit (TRU) are applied to captured data identifying known & unknown threats including suspicious activity and zero-day attacks. Our SOC Cyber Analysts, and Elite Threat Hunters are mission-driven to put the automotive industry ahead of business disruption. Powered by our industry-leading XDR cloud platform and unique threat intelligence, eSentire can detect and respond to cybersecurity threats in the automotive industry with a Mean Time to Contain of 15 minutes.

At eSentire We Support Automative Dealers By:

• Preventing operational disruption of internal and consumer-facing services through a combination of 24/7 Managed Detection and Response, Managed Risk Services, and Incident Response Services
• Ensuring that any regulatory penalties and third-party costs associated with data breaches are minimized
• Ensuring your business remains compliant with stringent cybersecurity compliance and regulatory mandates, such as the Safeguards Rule and the GLBA
• Reducing your business risk by helping your team identify your critical sources of value, discover existing vulnerabilities, and address them based on what would have the worst impact to your organization
• Protecting your data and customer data from ransomware attacks, third-party risk, data theft or exposure, and insider threats

Whether your organization’s assets are stored in the cloud, on-premises, or in a hybrid environment, we detect and contain threats that other MDR providers miss. Our global 24/7 SOCs have discovered instances of ransomware gangs targeting our automotive industry customers and have interrupted their activities before they could establish a foothold by:

• Using endpoint protection to prevent the disabling of defenses
• Detecting malicious administrative activity through remote access tools using proprietary machine learning algorithms
• Blocking active attempts to deploy user credential collection tools, malware payloaders, and multiple ransomware attacks

eSentire Cybersecurity Services Portfolio

It's critical to employ a multi-layered defense strategy to prevent ransomware from disrupting your business such as the exfiltration of sensitive customer data— this is why 24/7 Multi-Signal MDR is so important as part of your defensive strategy. Our cybersecurity services portfolio is designed to prevent breaches, simplify security and minimize your business risk. We provide around-the-clock threat protection that is proactive, personalized and cost-effective.

Gain Confidence, Control & Expertise

Managed Risk
Services

TAKE CONTROL OF
CYBER RISK

Strategic services including Vulnerability Management, vCISO and Managed Phishing & Security Awareness Training to identify gaps, build defensive strategies, operationalize risk mitigation and continuously advance your security program.

Managed Detection and Response

PREVENT THREATS BECOMING BUSINESS DISRUPTING EVENTS

We deliver Response + Remediation you can trust. By combining our cutting-edge XDR platform, 24/7 threat hunting and security operations leadership, we hunt and disrupt known and unknown threats before they impact your business.

Digital Forensics and Incident Response

BE READY WITH THE WORLD'S FASTEST THREAT SUPPRESSION

Battle-tested Incident Commander level expertise, crime scene reconstruction and digital forensics investigations that can bear scrutiny in a court of law. The world’s fastest threat suppression with a 4-hour SLA available with our IR Retainer.

eSentire MDR features include:

Why the Automotive Industry Choose eSentire

Put Your Business Ahead of Disruption

• Recognized - The Authority in Managed Detection and Response
• Simple - We absorb the complexity of cybersecurity so you can prioritize your operations
• Scalable - Industry’s most powerful machine learning XDR Cloud Platform can ingest data at the pace and scale of your business
• Precise - We’re on the cutting-edge of attacker Tactics, Techniques and Procedures mitigating your risk of being breached
• Fast - Extreme time to value as you will be fully operational within weeks
• Responsive - We own the R in MDR to provide extensive response capabilities and threat hunting around the clock
• Compliance - Our 24/7 Global SOCs leverage proven runbooks which include plays to manage issues and reporting for PCI DSS, PII, CCPA, GDPR, HIPAA, as well as state-level rules such as NYCRR 500.
• Cost-Effective - 24/7 threat protection, detection and response at a fraction of the cost of DIY security programs
• Complete - Multi Signal Coverage and comprehensive security services support
• Team - Cyber Risk Advisor + SOC Cyber Analyst and Elite Threat Hunters on guard for your business 24/7
• Results the Automotive Industry Can Expect:
  • ~50% reduction in total cost of ownership (TCO) for threat detection and response
  • 50%+ additional coverage on top of commodity threat intelligence, leveraging proprietary technology and our food manufacturing network of customers
  • 9% reduction in threat detection and containment times from global averages