Data sheet / solution brief

Multi-Signal Managed Detection and Response for US Automotive Dealers

According to the Federal Trade Commission (FTC), automotive dealerships are considered financial institutions since they are a business that engages in activities that are financial in nature by issuing and extending credit for the purposes of leasing or financing automobiles.

As a result, all auto dealerships in the U.S. are required to comply with the FTC Safeguards Rule, which was first introduced in the 2003 Gramm-Leach-Bliley Act (GLBA), designed to protect sensitive customer information.

On June 9, 2023, new Federal Trade Commission (FTC) Safeguards Rule requirements will come into effect.

All automotive dealerships must comply with the updated requirements and will be expected to deploy and implement an information cybersecurity program with the required administrative, technical, and physical safeguards to protect customer information.

Any auto dealership that is found to be in violation of the GLBA may be subject to penalties for noncompliance including fines and imprisonment.

At eSentire, we support automotive dealers through a combination of our vCISO services, as part of our Managed Risk Services portfolio, 24/7 Managed Detection and Response (MDR), and Incident Response services to ensure your auto dealership remains compliant and internal/customer data remains protected.

Read this solution brief to learn more about:

  • The two primary reasons that auto dealers are attractive targets for cyberattacks
  • How to achieve compliance with the FTC safeguards rule to protect customer information, including the 9 elements that auto dealerships must have in place as part of their information security program
  • Potential GLBA penalties for noncompliance
  • How eSentire MDR addresses key automotive industry challenges, including the results the automotive industry can expect

Get The Data sheet / solution brief