citrincooperman.com
The 60 Second Cybersecurity Assessment for Automotive Dealerships Do you conduct periodic cybersecurity risk assessments to help focus your resources on the threats that are most likely to occur and/or impact your dealership? Have you established a comprehensive cybersecurity program to comply with the Federal Trade Commission Safeguards Rule? Do you complete periodic penetration tests to determine whether there are any active threats or vulnerabilities in your dealership’s environment that can be leveraged by cyber criminals? If your dealership accepts payment cards, are you compliant with the latest version (4.0) of the Payment Card Industry Data Security Standards, known as PCI DSS? Have you established security policies and procedures to provide the necessary guidelines needed to reduce the risk of an incident? If you utilize a cloud-based dealer management system (DMS), have you evaluated whether you’ve addressed the requirements spelled out in the vendor’s SOC report? Are you providing periodic cybersecurity awareness training and supplementary spear phishing campaigns to prepare your employees to detect and avoid attacks? Have you acquired a cyber insurance policy that would cover the relevant risks that threaten your dealership? Do you regularly patch all of your applications, networking hardware, servers, and workstations so that they are more resistant to security threats? Do you have the necessary backup solution, response plan, and external resources in place to rapidly respond and recover from a cyber incident such as a ransomware attack?
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
Yes
No
If you have answered “No” to any of these questions, contact us to explore how we can help you fortify your cyber defenses and keep your business secure from the threat of cyber criminals.
GET IN TOUCH Kevin Ricci, Partner kricci@citrincooperman.com “Citrin Cooperman” is the brand under which Citrin Cooperman & Company, LLP, a licensed independent CPA firm, and Citrin Cooperman Advisors LLC serve clients’ business needs. The two firms operate as separate legal entities in an alternative practice structure. The entities of Citrin Cooperman & Company, LLP and Citrin Cooperman Advisors LLC are independent member firms of the Moore North America, Inc. (MNA) Association, which is itself a regional member of Moore Global Network Limited (MGNL). All the firms associated with MNA are independently owned and managed entities. Their membership in, or association with, MNA should not be construed as constituting or implying any partnership between them.