Inflection Point | The Impact of the CDK Global Cyberattacks on the Auto Industry
The recent cyberattacks on CDK Global have thrown a wrench into the ability of auto dealerships across the US and Canada to sell cars, or do much of anything else.
This software provider, which supports around 15,000 dealers, is a Dealer Management System (DMS).
The attacks began on June 19 and have continued, with CDK warning that their systems might be down for several more days.
The DMS is the hub in which the business records of all CDK Global customers are created, stored, and modified.
Without their DMS, affected car dealers can’t do much of anything.
Losing access to your DMS either slows or kills your ability to sell cars, deliver cars to buyers, repair broken cars, check your inventory, schedule employees for work, get paid, or pay your suppliers.
With CDK offline, dealerships can’t register sales electronically and are relying on runners to deliver paperwork to the Registry of Motor Vehicles.
This has left dealers handwriting contracts.
And guessing at customers’ creditworthiness.
This situation is causing massive delays in the car-buying process, and slowing down the vehicle registration process since dealers can’t electronically transmit and receive the required data and payments.
The financial impact is also significant. CDK saw its stock drop by nearly 6 percent. Many dealer groups like AutoNation, also experienced stock declines.
And the commission-based employees of all those dealers won’t make much money.
Some dealerships have managed to avoid the outages and are operating normally because they don’t use CDK for the DMS. They can sell cars at normal speed because they’re cyber resilient.
The attack has had a nationwide impact. A Nissan dealership in Phoenix reported that business was almost at a standstill. The dealership has been able to process only about half the usual transactions.
Even if you don’t get attacked directly, you can still suffer when a critical 3rd-party stops delivering the goods and services you need to operate your business.
The reliance on a few DMS providers has left thousands of retailers highly dependent on these companies for financing, insurance, inventory management, and sales processing. When one dominant provider goes down, the effects are felt far and wide.
Can you see that cyber is a material business risk, not just a technology issue?
This situation is a grim reminder of the importance of cybersecurity, resilience, and 3rd-party risk management.
What do you think about the impact of this cyberattack on the auto industry? Hit comment and let me know.
I read every comment you post.
-Kip
P.S. Please share this "Inflection Point" with someone you care about.
Subscribe here !
Current Podcast Episode: “How to Find Your Top 5 Cyber Risks”
You can find your top 5 cyber risks using a “top down” approach with the NIST Cybersecurity Framework. Along the way, you can shift your organization towards better practice of reasonable cybersecurity. Know how? Let’s find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
领英推荐
You can see our “zero through ten” scale scorecard here .
You can watch our interview prep video here.
By the way...
I’m back from teaching in the Philippines.
Had a great time, just like last year.
Wonderful people and such good food.
Too bad it’s so far from Seattle.
The air travel one-way is at least 24 hours long, including 16 hours sitting in an A330-900 neo.
Nice plane but I still have to figure out how to navigate 14 time zones!
Ugh.
Kip Boyle is a husband, dad, entrepreneur, and experienced cyber risk manager. He founded Cyber Risk Opportunities LLC in 2015, after seven years as the CISO of PEMCO Insurance in Seattle. As a captain on active duty in the US Air Force, he served in the Combat Archer and F-22 Stealth Fighter programs where he was the director of enterprise network security. These days, he serves as virtual chief information security officer for many customers, including a professional sports team and fast-growing FinTech and AdTech companies. Over the years, Kip has built teams by interviewing hundreds of cybersecurity professionals. And now, he’s sharing his insider’s perspective with you!
113 Cherry St #92768, Seattle, WA 98104-2205Kip Boyle, Founder, vCISO, Best-Selling Author, Speaker, Podcast Host, Entrepreneur, Trainer, Consultant, Cyber Resilience Subject-Matter-Expert
Cyber Risk Analyst | Security Enthusiast | Indigenous
4 个月And a lot of these companies will still say "Our business could work 100% fine with no technology" yeah, sure...