Cybersecurity for car dealers.

The cybersecurity and privacy demands on car dealers are growing at a rapid rate. Car dealers – many of whom process large amounts of sensitive PII – are now required to adopt certain mandatory cybersecurity and privacy safeguards to ensure the protection of client data.

In October of 2021, the FTC implemented the new requirements, along with stricter penalties for noncompliance, to the tune of $11,000 in fines per day per incident.

A summary of the new requirements is as follows:

  • Car dealers must assign a program coordinator to be responsible for overseeing compliance of the rule.
  • Car dealers must perform a risk assessment.
  • Car dealers must develop an information security program and document it in writing.
  • Car dealers must oversee its service providers.
  • Car dealers must update, maintain, and train in relation to its information security program.

The new ruling creates the requirement for both a fiscal and time investment in order to meet compliance. Car dealers may choose to leverage a third party to assist in alleviating this pressure, or bring expertise in-house; the latter being the more costly option.

Want to learn more about the FTC regulations for car dealers?

Just drop your email in the box for a member of the team to get back to you.

Explore our services.

Secure Access Service Edge (SASE)
Managed SOC
Third Party Assurance
Penetration Testing
Cybersecurity Awareness Training
Incident Response

Contact Us

Submit an RFP

About

Blog

Client Support