Knowledge is Power: Cyber Insurance 101 - AutoSuccessOnline

Main Navigation

Advertisement
Social Connect
Resources
Our Brand Family
AutoSuccess Online
The No. 1 Sales-Improvement Source for the Automotive Professional
Sponsored Content

Knowledge is Power: Cyber Insurance 101

While the goal of cybersecurity is to shut down data breaches and other cyber threats before they happen, the reality is you’d still be responsible for any sensitive information stolen in the event of a successful cyberattack.

Nikhil Kalani
By Nikhil Kalani
Nikhil Kalani is the chief information security officer & vice president of information security for Reynolds and Reynolds. Visit ReyRey.com.
Published:

Sponsored by Proton Dealership IT

While the goal of cybersecurity is to shut down data breaches and other cyber threats before they happen, the reality is you’d still be responsible for any sensitive information stolen in the event of a successful cyberattack. In its simplest definition, cyber insurance can cover financial losses sustained from a cyberattack and cover your liability for a data breach involving customer information. Costs can include legal fees, notifying customers about the breach, and repairing or replacing computer systems.

The average cost of a ransomware claim is $485,000. For most dealers, just the thought of facing that kind of situation is scary, and facing it without coverage is even more terrifying! Yet, in 2023, 40 percent of companies purchased cyber insurance only after they had incurred a cyberattack. Taking action before an incident will save you money in the long run.

Cyber insurance does not replace cybersecurity

Insurance is meant to be one piece of your larger, risk-preventing puzzle. To have the best security program possible, your dealership should have a strong IT foundation followed by an up-to-date, monitored cybersecurity program, well-maintained compliance standards, and cyber insurance. Every layer works together to ensure you’re as protected as you look on paper.

Recent price surges and why they happened

Cyber insurance prices have been growing at an alarming rate. You may have experienced premium increases of 250 percent or more compared to a few years ago. It can be difficult to understand the high price point and know how to position your dealership for significant savings. The reality for cyber insurance companies is they’ve lost money the past few years by offering policies too broadly. As ransomware and other attacks have become rampant, claims have been more frequent and larger than anticipated. Now, insurance companies are only looking for “good risks.”

A “good risk” is a business that follows good IT protocols, security best practices, and cyber hygiene. These best practices also overlap with the FTC Safeguards Rule, thus giving you a two-for-one victory!

How to become a “good risk”

Here are the steps needed to become a “good risk” and harden your defenses against cyberattacks:

  • Use multi-factor authentication (MFA) for admin accounts, cloud access, and remote access.
  • Outsource endpoint protection, like PCs and servers to a 24/7 Security Operations Center. A good Security Operations team can respond to security alerts within minutes and shut down attacks in their infancy.
  • Ensure you have reliable backups that are “air-gapped.” This means they are offline- either physically or logically- so malicious actors can’t tamper with them.
  • Invest in a strong email filter. Phishing emails act as the entry point for 95 percent of all attacks.
  • Ensure you’re using current-generation, supported operating systems and hardware, like firewalls. These systems need to receive regular security updates to maintain protection against the newest threats.
  • Manage your third-party risks. These are vendors that have access to your data or your network. Suppliers are a common route to getting hacked!
  • Provide high-quality security awareness training to your organization and review results frequently. Follow up on associates who don’t complete training or fail their phishing tests.
  • Have a solid, rehearsed Incident Response Plan. Conduct a tabletop rehearsal at least once a year.

How to actually save money

Once these steps are in place, share your information security program with your broker. An alternative way that’s growing in popularity is to obtain insurance through your IT or cybersecurity service provider, who may have partnerships with insurance companies.

You can prove the quality of your program and diligence by sharing key metrics:

  • Your phishing test results (including “phish prone” percentage), ideally under five percent.
  • Systems protected by Managed Detection and Response.
  • Percentage of MFA enrollment.
  • Percentage of vendor-supported devices (unsupported systems should be zero).
  • Results from the last backup test.
  • Penetration test results.

With a solid program and a demonstration of your diligence, you can help your dealership qualify for the best cyber insurance rates possible!

Sponsored by Proton Dealership IT.

You May Also Like

Sponsored Content

Synchrony Study Reveals Future Shoppers Seek New Experiences

According to their research, consumers are beginning to seek highly personalized shopping experiences that simplify choice and flexibility!

Synchrony Financial
By Synchrony Financial
Published:

Have you heard about the new, eye-opening study from Synchrony titled The Future of Shopping? According to their research, consumers are beginning to seek highly personalized shopping experiences that simplify choice and flexibility! They found that retailers who focus on shopping as an experience rather than an isolated event, will find success if they continue to innovate and differentiate themselves through unique promotions, physical connections and new technology.

Read Full Article

More Sponsored Content Posts
Carvana Pilots OEC Payments Solution & Processes $4.4M in Seamless, Automated Transactions

In order to provide a top-tier customer experience, seamless interactions are an absolute must.

By OEConnection LLC
Why Dealers Switch From DOWCs to ARCs

By now, most dealers are familiar with the “dealer-owned warranty company” or “DOWC” concept and, more likely than not, have reviewed a presentation touting the benefits of this structure. Providers promoting this structure often highlight certain benefits that are very enticing and alluring to dealers that are currently in reinsurance. However, providers regularly fail to

By Andrew Seger
EV Trends from Black Book

Most OEMs have plans for EVs in the pipeline. It is vital to get your service, parts and sales staff trained and prepare your facilities to accommodate this inventory-type change.

By AutoSuccess Contributor
Dry Ice Blasting – Save Time & Boost Car Values

Reconditioning cars to prepare them for the used car market is no easy task. The labor hours, harsh chemicals, awkward angles, and use of sharp blades, wire brushes, and rags really add up. What if there was a way to recondition a car – inside and out – in a fraction of the time without

By Cold Jet

Other Posts

Tracking a Weekly $10K Gain

Keeping track of your high-value, moving assets can be tedious, haphazard — and high risk to your efficiency and competitiveness. It need not be that way.

By AutoSuccess Contributor
Safety Recalls: Boost Revenue, Now!

Learn how recall verification and monitoring data science from AutoAp integrated with reconditioning identifies and catches all open recalls and often reports them before OEMs notify their dealers

By Mark Paul
Breaking Down Cybercrime in Automotive

Your dealership is a treasure trove of data. Think about it… names, phone numbers, addresses, work details, salary, and social security numbers for hundreds, if not thousands, of consumers. Financial details about their vehicle purchases. Credit card information from service. The list goes on and on. All of this data makes dealerships a prime target

By Proton Dealership IT
Understanding Automotive Connected Consumers

Discover how auto advertisers can build effective marketing strategies for reaching connected consumers.

By Amazon Ads