Tammy Richards, Director of Business Operations at DIS, and Craig Cogle, Director of Cloud Operations at DIS, joined Casey Seymour on the Moving Iron Podcast to discuss the critical importance of cybersecurity and business continuity planning.
Here is a summary of what they cover in the episode:
Business Continuity Planning (BCP)
Free Business Continuity Toolkit
- Customer Payments Sheet
- Aged Payables Summary
- Tech Time Tracking Sheet
- ROA Payments Sheet
Cybersecurity Readiness
Global Cybersecurity Trends:
- Ransomware Attacks in 2023: 317.59 million incidents, a 20% increase from 2022.
- Businesses Affected in 2023: 72.7% globally, the highest recorded rate.
- Cyber Attacks in 2024 Q2: Average of 1,636 attacks per organization per week, a 30% year-over-year increase.
Cyber Attacks in the Dealership Industry:
- Targets include CDK, Crown Equipment, AGCO.
- Rising attacks driven by profitability, political motives, hacktivism, and recognition.
Common Attack Methods:
- Phishing Attacks
- Unpatched Software Vulnerabilities
- Weak Credentials and Lack of MFA (Multi-Factor Authentication)
- Stolen Passwords
- Social Engineering
Reducing Cybersecurity Risks
Building a Security Culture:
- Foster a security-first mindset across the organization.
- Adopt frameworks like NIST (National Institute of Standards and Technology) or ISO.
Training and Awareness:
- Implement cybersecurity and phishing awareness training.
- Utilize free resources from platforms like KnowBe4 or CISA (Cybersecurity and Infrastructure Security Agency).
Establishing Security Best Practices:
- Develop a Security Incident Response Plan.
- Partner with cybersecurity experts.
Operations and Best Practices:
- Use anti-virus/malware protection on all devices.
- Regularly update systems, software, and browsers.
- Back up data consistently.
- Manage system access; assign permissions based on role.
- Enforce password complexity and schedule regular rotations; implement MFA.
- Securely manage passwords using password management tools.
- Promptly revoke system access for departing employees.
Network Security Measures:
- Secure wireless networks.
- Allow only essential network traffic through the firewall.