Cybersecurity tools getting boost from AI

Mark Hollmer mark.hollmer@crain.com

Thousands of dealership owners, managers and employees will be roaming the exhibition floor at this year’s NADA Show in Las Vegas. Many likely will have cyber risks on their mind.

That’s because dealerships must pay close attention to the federal Safeguards Rule, which requires financial institutions including car dealerships to develop an information security program to protect customer data. Learning about the latest in cybersecurity protections can help them keep new kinds of attacks at bay.

The annual show, planned for Feb. 3-6 at the Las Vegas Convention Center, will give dealers an opportunity to ask about the latest tools and techniques to keep up with cyber risks.

An increasing number of those tools will be driven by artificial intelligence, said Erik Nachbahr, president of cybersecurity consulting firm Helion Technologies, who will be attending the show.

“What we’ll probably find is [dealership management system] providers [and] software [producers] talking about how they’re leveraging AI in their security frameworks,” Nachbahr said.

Cyber trends

At least nine vendors with at least some focus on cybersecurity will be at the show, up from three in 2025, according to the dealers association.

Sean Patronis, chief information security officer for Reynolds and Reynolds’ Proton cybersecurity division, agreed AI-driven products will be a large part of the NADA Show’s offerings.

“AI is going to be a hot topic,” said Patronis, who also will be at the event.

AI will enable new cybersecurity tools that deal with issues such as identity protection, he said.

“Phishing-resistant, multifactor authentication, password-less authentication — those are all technologies that will be needed to help protect identities,” Patronis said. “Identity is a new perimeter. Everything’s on the Internet now; it’s not just in your network.

I think that’s the trend you’re going to see.”

Nachbahr said he expects cybersecurity vendors and dealership attendees will focus, in part, on AI-assisted threat hunting.

The technique is a newer way to combat cyber threats that can target dealer computer systems, their network infrastructure and their cloud presence, Nachbahr said.

“Threat hunting is about looking for things that are amiss,” Nachbahr said.

Threat hunting is necessary, he said, because cybercrime is substantially more sophisticated than it once was.

“We’re way past the notion [where] you click on a link and download software and it blows up your computer,” Nachbahr said. “That stuff is still out there and attackers still use it and they get people with it. But what they’re ultimately trying to do is either compromise your identity … or compromise your infrastructure.”

Nachbahr said AI-driven threathunting technology is a good way to fight back against AI-driven crimes.

“This is what we need to hook into the systems, whether it’s the devices or [user] identity, and look for telltale signs of attackers,” Nachbahr said.

Justin Shanken, CEO of dealership-focused cybersecurity firm Black Breach, said cybersecurity approaches increasingly rely on AI to fight attacks driven by the same technology.

Shanken, who will be attending the show, said he also expects AI versus AI cybersecurity products to be widespread.

That technology is being woven into areas such as extended detection and response, or XDR, which Shanken said he expects to be a common focal point at the show this year.

The concept, which has been used in other industries, is designed to take all of a company’s digital tools and platforms and put them “under one pane of glass” for cybersecurity monitoring, Shanken said.

“We get a much broader picture,” Shanken said. “XDR is the final security layer.”

Wary about risks

Dealership representatives, meanwhile, are coming to the NADA show with varying perspectives on cybersecurity.

Alan Dibre, chairman of the Acura National Dealer Advisory Board, said his Acura and Honda dealerships in New York and New Jersey have taken a number of cybersecurity steps, such as reducing third-party vendors and switching to DMS provider Tekion, where “everything is electronic.” But he is fatalistic about whether cyber attacks can be truly stopped.

“There could be a cyberattack on your DMS provider and you’re out,” he said. “It doesn’t really matter what you do on the ground level.”

Dibre switched to Tekion from CDK Global 60 days before it sustained two cyberattacks in June 2024.

Dibre is dealer principal of Acura of Wappingers Falls and Acura of Bay Shore in New York, and Acura of Ramsey and Honda of Hackettstown in New Jersey.

Jason Church, Volvo Retail Advisory Board chairman and COO of Courtesy Automotive Group in Arizona, said dealerships view cyber protections as a crucial thing.

“It’s about securing the dealership’s IT systems,” Church said, “and ensuring the workforce is trained on the risks of clicking on malicious links.”

Gail Kachadourian Howe and Urvaksh Karkaria contributed to this report.