Welcome to ITS! Learn more about our strategic partnership with Afineol!

JP Chua

By: JP Chua on October 5th, 2022

Print/Save as PDF

10 FTC Safeguard Rule Changes & What It Means for Auto Dealerships

Cybersecurity | Video

The Federal Trade Commission announced updates to the Safeguards Rule which will be put into place by December 9, 2022. These changes impact non-financial institutions like automobiles, which are required to comply to a higher level of cybersecurity standards. In this video, Rob Schenk will break down the 10 FTC Safeguard Rule changes and what it means for auto dealerships. 


FTC Safeguards

The 10 New Rule Changes are: 

1:07 #1 Multi-Factor Authentication (MFA) on all systems containing customers’ nonpublic information. 

1:17 #2 Encryption of all customers’ information in transit and at rest. 

1:27 #3 Written risk assessment 

1:37 #4 Written incident response plan 

1:47 #5 Change management procedures for modifying information systems 

1:57 #6 Designation of a single “qualified” individual to oversee the information security program 

2:07 #7 Asset management program 

2:17 #8 Policies, procedures, and controls that monitor and log activity 

2:27 #9 Continuous monitoring of information systems 

2:37 #10 Annual reports by qualified individuals to the board of directors 


These new changes may seem daunting. Having overseen the IT of many auto dealerships, we recommend you reach out to one of our experts. We can clearly present your current IT standing and map out what you need to do in order to be compliant by December 9, 2022.  

Top 15 Cybersecurity Best Practices