Are You Prepared for a Cyberattack?

You have probably seen the headlines regarding the recent cyberattacks on prominent industry players. A leading DMS suspended operations because of a cyberattack, and two multi-rooftop dealerships recently reported cyberattacks. You have taken the first step in building your defenses by implementing the A2Safe Hub system, but even so, there are things you can do to increase your ability to protect your business and your customers.

If you have a mindset that you WILL be attacked and build defenses under that mindset, you will be prepared. Your A2Safe Hub gives you the tools necessary to build, mature, and maintain a strong Information Security program. No system can guarantee 100% protection. However, following a proven framework can significantly reduce your vulnerability and increase your ability to rapidly identify and respond to information security incidents.

• Update your A2C Simple Assessment. Review your assessment, make updates and identify aspects of your information security program that need updating.
• Coordinate with IT/MSP. Update applications and operating systems, making sure published patches are installed across your network
• Confirm continuous monitoring services are in effect. You should have a service that watches your end points/edge connected devices
• Next Generation Firewall technology. How old are your firewalls? Are they static or dynamic? Discuss with your IT/MSP to determine if your line of defense is up to date
• Update and rehearse incident response plans. Use the templates in your A2C policy library to start. Once these are in place, rehearse them. Use the information from the recent breach news as a scenario for your exercise. Make sure you have the right people doing the right things in the right order to mitigate the effects of a breach of your dealership or critical vendor.
• Emphasize employee training. Use the A2C training program and the phishing simulation and training program to refresh your employee line of defense.
• Review your policies and procedures. Ensure they are up to date and accurately reflect your operational expectations. The first 10 policies listed on the Recommended Policy Adoption Sequence document found in the help menu of the A2Safe Hub is a good benchmark. Then be sure to socialize these with your staff.
• Confirm accurate and clean backups. Work with your IT/MSP to test and validate back-ups. If they are compromised, rebuilding your data and systems will be more difficult.
• Ensure your vendor risk management process is active. Make suer your documents are in place and up to date.
• Change passwords and review data access and password policies. Any time there is a large-scale breach within an industry, changing passwords is a good safety measure. Enforce strong passwords/passphrases. DO NOT use the same password on different applications and always force multi-factor authentication wherever possible.