Helion Trucking Technologies Monday announced it is offering a new security awareness training program for truck dealership employees.
Helion says the solution is designed to build a “human firewall” that reduces the risk of data breaches from phishing and other social engineering attacks. Cyber-crime is a persistent and growing threat to dealerships, and 91 percent of successful data breaches start with a phishing attack.
The training program also helps truck dealers comply with the Federal Trade Commission (FTC) Safeguards Rule to protect consumer personal information. Truck dealerships that provide financing to customers are subject to the rule and are required to provide employees with security awareness training, the company says.
“A dealership can have a secure firewall and anti-virus software, but even the best technology can’t protect them from sophisticated phishing schemes where humans are the weak link,” saysErik Nachbahr, president, Helion Trucking Technologies. “Once an employee clicks on an email link and surrenders information, it’s easy for cyber criminals to accomplish their objectives.”
The consequences of phishing attacks are devastating. Many incidences of dealership employees transferring tens of thousands of dollars to bank accounts have been documented, only to have the money disappear forever. In one case Helion says a dealership lost $251,000 in a single transaction. An additional consequence of a data breach includes harm to a dealership’s reputation, as well as the threat of legal and civil lawsuits when their customers’ personal data is compromised.
“Dealers are vulnerable to attacks because they tend to have a lot of cash in their bank accounts and conduct a large number of electronic financial transactions. That’s very attractive to cyber criminals,” says Nachbahr.
Most truck dealers employ IT staff or use outside IT services that lack awareness when it comes to cyber-crime. According to Total Dealer Compliance, only 30 percent of auto dealers employ a network engineer with computer security certifications and training, and 70 percent of dealers aren’t up to date on their anti-virus software.
“In dealerships IT staff are generally reactive; they respond to employee complaints and keep the network running,” says Nachbahr. “They don’t have the resources or expertise to proactively seek solutions to cyber-attacks that haven’t happened yet.”
Helion says phishing attacks rely on email to bait and lure employees into downloading viruses, uploading secure information or giving out credentials to dealership systems. Cyber criminals often troll a company for months to learn names, titles and emails of target employees.
To combat the growing threat and consequences of phishing attacks, Helion has partnered with KnowBe4 to bring the world’s most popular security awareness training and simulated phishing platform to truck dealers. More than 18,000 organizations worldwide currently use the system, which over time substantially reduces the risk of successful phishing attacks, Helion says.
Prior to security awareness training, in an average business 27 percent of employees open phishing emails. After 90 days of training, the risk drops to 13 percent and after one year of training, the risk drops to 2 percent.
“Employees are your last line of defense,” says Nachbahr. “It’s a dealer’s responsibility to train them but most dealers aren’t aware of the scope of the threat, let alone how to counter it. We searched for a solution to this problem and we’re thrilled to offer this training program that will safeguard dealerships’ money, customer data and reputations.”
Helion’s employee security awareness training program includes:
- Baseline testing using a simulated phishing attack to assess the percentage of employees that click on a phishing link
- Employees that don’t pass the baseline test are enrolled in an online training program
- Employees are educated with a library of videos, online games and training modules; gamification makes learning fun and interactive
- Monthly phishing security tests for every employee on the system
- Phish Alert Button provides employees with a safe and easy way to report malicious emails
- Industry Benchmarking allows managers to compare their phish-prone percentage against other dealerships, and track improvements over time
- Advanced Reports allow managers to see which employees need further testing
The cost of the training program is just $15 per employee, per year. Helion has customized the KnowBe4 training system to simulate phishing emails that dealerships typically receive; and manages all onboarding, setup, integration, ongoing maintenance and support.
The new service is available Feb. 1, 2019. To learn more or to enroll in the security awareness training program, call Helion Technologies at 443-541-1500.
