MGT Consulting’s Dealer CISO (Chief Information Security Officer) is a tailored cyber security program to help auto dealerships meet FTC compliance, safeguard their IT infrastructure and customer data, and minimize the chances of suffering a cyber-attack that could ultimately be devastating to the organization.
The recently-revised FTC Safeguards Rule has taken what had been cyber best practices under the original version and has turned them into explicit cyber security legal requirements for auto dealerships moving forward.
Whether you need help augmenting your current cyber security efforts or need to build a cyber security program from the ground up, MGT Consulting’s Dealer CISO program provides the flexibility and scalability to meet your compliance requirements and protect your IT infrastructure.
FTC COMPLIANCE + KEY SECURITY CONTROLS
OPTIMAL CYBER SECURITY PROGRAM
Our cyber security program contains all the pieces to arm your auto dealership with the necessary security controls to meet the latest FTC Safeguards Rule without the overhead required to develop an internal cyber security team, all while providing a healthy separation of duties from your current IT resources:
- Virtual CISO: A dedicated cyber security consultant to act as your CISO (Chief Information Security Officer) to define, execute and manage all cyber security requirements
- Cyber Security Program: Development and management of a risk management program to define the long-term cyber strategy for your auto dealership
- Cyber Security Risk Assessment: An assessment of your auto dealership to identify all cyber risks and how to fix them
- Vulnerability Assessments: Biannual vulnerability assessments of your auto dealership IT network
- Penetration Testing: Manual penetration test of your auto dealership IT network to find and fix vulnerabilities a hacker could exploit
- Continuous network monitoring: 24/7/365 live active monitoring of your network in our Security Operations Center to identify and mitigate any potential attacks on your auto dealership network
- Security Training and Awareness: Phishing simulation and online training for all employees on safe cyber security practices.
- Security Policies and Procedures: Development of all documentation necessary to guide key areas in security and privacy such as incident response plans, password management, access management, or employee acceptable use, among others.
- Multifactor Authentication and Encryption: Assessment and implementation guidance for multifactor authentication and proper data encryption following the FTC Safeguards rule.
- Cyber Security Reporting: On-going cyber security reporting to auto dealership leadership on KPIs to ensure the success of the cyber security program.