Business Interruptions: Mitigating Cybersecurity Risks from External Hacks

Download MP3
Introduction:
  • Discussing the CDK ransomware hack affecting tens of thousands of dealerships in June 2024.
  • Exploring how businesses can be impacted by cyber liability and cybersecurity, even if not directly affected.
What is the CDK Hack?
  • CDK provides automotive dealership services to new and used car dealerships and truck dealerships nationwide.
  • Services include managing sales, service, parts departments, and accounting in the cloud.
Details of the CDK Hack:
  • Hackers locked up the CDK system through ransomware.
  • The hack was a prolonged process involving virus planting and data collection.
  • Although individual dealerships were not hacked, their operations were severely impacted as they relied on CDK.
Impact on Dealerships:
  • Dealerships struggled to sell cars, provide service, and manage parts inventory.
  • Many dealerships resorted to paper and pencil for operations, but this was not sufficient for all tasks.
  • Sales and service departments faced significant disruptions, leading to potential financial losses.
Broader Implications:
  • Similar vulnerabilities exist in many industries with centralized service providers.
  • Industries like broadcast news, manufacturing, and others could face similar disruptions if their service providers are hacked.
Liability Considerations:
  • Potential legal and financial liabilities for dealerships affected by the hack.
  • Possible claims from customers, employees, and vendors.
  • Importance of understanding third-party liability and insurance coverage.
Lessons Learned:
  • Importance of having a response plan for cyber events.
  • Ensuring active monitoring of systems to detect early signs of attacks.
  • Creative solutions adopted by dealerships, such as reverting to old systems and using manual processes.
Conclusion:
  • The CDK hack serves as a case study in the cascading effects of cybersecurity breaches.
  • Businesses need to anticipate potential disruptions and have contingency plans in place.
  • Regularly review and update cyber liability insurance policies to ensure adequate coverage.
Additional Resources:
  • Mention of live one-on-one consultations available through actualhuman.com with experts in various fields, including cybersecurity, insurance, and more.
Call to Action:
  • Encouragement to think ahead about potential cyber threats and to develop robust response plans.
  • Importance of active monitoring and proactive measures to mitigate risks.
Thank you for listening!
Visit actualhuman.com for expert consultations and more information on safeguarding your business against cyber threats.
Business Interruptions: Mitigating Cybersecurity Risks from External Hacks
Broadcast by