Sure, technology is rapidly advancing the automotive retail and subprime lending industries, but this evolution has also brought about new challenges in the areas of cybersecurity. The ransomware event of the summer of 2024 made many headlines, and since then the entire industry is taking a closer look at digital security.
Even with this increased awareness, a recent online survey conducted in November 2024 has shed light on the alarming gaps in cybersecurity practices among auto dealerships and subprime lenders, highlighting the continued need for enhanced data protection measures.
Still A Glaring Deficiency
The survey results reveal a concerning trend: while many lenders and retailers have implemented basic security measures, such as antivirus software (17.48%) and firewalls (19.42%), there is a glaring deficiency in more advanced protections. This lack of comprehensive cybersecurity strategies leaves subprime lenders vulnerable to cyber threats, which can have devastating consequences for both the businesses and their customers.
One of the most striking findings from the survey is the minimal adoption of secure data in transit solutions, with only 9.71% of lenders and retailers currently employing this critical component. Secure data in transit solutions are essential for protecting sensitive customer information as it is transmitted between systems. Without these protections, data can be intercepted and compromised, leading to potential data breaches and identity theft.
Some Lenders Not Even Sure If They’ve Been Hacked
Furthermore, the survey reveals a troubling trend in cyber attack experiences. While 19.42% of lenders reported they have been victims of data breaches or cyber attacks, a significant 40.78% remain unsure if they have been compromised at all. This uncertainty points to a critical need for improved detection and response capabilities. Lenders and dealerships must be able to identify and respond to cyber threats promptly to mitigate potential damage and protect customer data.
The importance of data protection cannot be overstated, especially in an industry that handles a vast amount of personal and financial information. Subprime lenders collect and store data such as customer names, addresses, social security numbers, and credit card information. This data is a prime target for cybercriminals, who can exploit vulnerabilities to gain unauthorized access and misuse the information for fraudulent activities.
Despite the clear risks, the data indicates that many lenders are not prioritizing cybersecurity to the extent necessary. This oversight can be attributed to several factors, including a lack of awareness about the severity of cyber threats, limited resources, and the misconception that basic security measures are sufficient. However, as cyberattacks become more sophisticated, it is imperative for lenders and dealerships to adopt a proactive approach to cybersecurity.
Finding Resources Is Still Difficult
A key challenge highlighted by the data is the difficulty lenders face in finding the right cybersecurity tools and resources. Twenty-four percent of respondents cited an inability to find the right partner or resource as their biggest obstacle in implementing cybersecurity measures. This struggle emphasizes the need for specialized cybersecurity solutions tailored to the subprime lending industry. These lenders require partners who understand their unique challenges and can provide customized solutions to address their specific needs.
To address these gaps, lenders and dealerships must first recognize the critical importance of data protection and the potential impact of a data breach. This awareness should be followed by a comprehensive assessment of current cybersecurity practices and the identification of areas that require improvement.
Moreover, employee training and awareness programs are crucial in fostering a culture of cybersecurity within the organization. Employees should be educated about the latest cyber threats, safe online practices, and the importance of safeguarding customer data. By empowering employees with the knowledge and tools to recognize and respond to potential threats, dealerships can significantly reduce the risk of cyber incidents.
Collaboration with cybersecurity experts and industry partners can also play a vital role in enhancing the security posture. These partnerships can provide access to the latest threat intelligence, best practices, and advanced security technologies. Additionally, lenders and dealerships can benefit from participating in industry forums and networks that focus on cybersecurity, allowing them to stay informed about emerging threats and solutions.
Despite the challenges, there is a silver lining. The survey indicates that many lenders and dealerships are planning to invest in various cybersecurity technologies throughout 2025. Cloud security solutions (20.39%), ransomware defense (19.42%), and AI for threat detection (17.48%) top the list of planned investments. However, it is also concerning that only 9.71% of subprime lenders plan to invest in secure data in transit solutions, despite the critical importance of protecting data during transmission. This highlights the need for lenders and dealerships to prioritize investments in comprehensive cybersecurity measures that address all aspects of data protection.
The industry data trends serve as a wake-up call for the automotive industry, underscoring the need for immediate action to address cybersecurity gaps. With the continued evolution of digital strategies, the protection of customer data must be a top priority. Lenders and dealerships that fail to implement robust cybersecurity measures risk not only financial losses and reputational damage but also the trust and loyalty of their customers.
The alarming trend of inadequate cybersecurity practices among auto professionals highlights the urgent need for enhanced data protection measures. The survey conducted in November 2024 exposes significant gaps in current practices, particularly in the adoption of secure data in transit solutions. To safeguard sensitive customer information and mitigate the risk of cyber threats, lenders and dealerships must prioritize cybersecurity, invest in advanced security technologies, and foster a culture of awareness and vigilance. By taking these proactive steps, the automotive industry can better protect itself and its customers in an increasingly digital world.
- Botdoc cybersecurity auto industry survey; November 2024; survey presented to more than 2,500 dealer professionals
