{"id":5137,"date":"2024-09-18T16:22:11","date_gmt":"2024-09-18T21:22:11","guid":{"rendered":"https:\/\/niada.com\/dashboard\/?p=5137"},"modified":"2024-09-18T17:20:26","modified_gmt":"2024-09-18T22:20:26","slug":"its-embarrassing-almost","status":"publish","type":"post","link":"https:\/\/niada.com\/dashboard\/its-embarrassing-almost\/","title":{"rendered":"It&#8217;s embarrassing almost"},"content":{"rendered":"\n<p>Article featured in <a href=\"https:\/\/digitaleditions.walsworth.com\/publication\/?i=829878&amp;p=22&amp;view=issueViewer\" target=\"_blank\" rel=\"noopener\">September issue of UCD<\/a><\/p>\n\n\n\n<p>Manna, H2Go, Copco, Zojirushi\u2026<\/p>\n\n\n\n<p>Any ideas what these have in common? Here\u2019s a few more examples, which may give it away: Tervis, Hydro Flask, Thermos, Stanley, Starbucks.<\/p>\n\n\n\n<p>These are all manufacturers of commuter mugs. I have at least one of each of these brands, maybe more\u2026but I\u2019m not confirming. It\u2019s embarrassing, almost.<\/p>\n\n\n\n<p>Why do I have all of these? I\u2019m on a quest for the most comfortable commuter mug. It\u2019s very important. Please allow me to opine.<\/p>\n\n\n\n<p>A good commuter mug should have all of the following characteristics:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>comfortable to hold<\/li>\n\n\n\n<li>easy access to sip your beverage, but not too easy<\/li>\n\n\n\n<li>a way for the mug not to spill if you drop it<\/li>\n\n\n\n<li>a way to avoid burning your lips if the liquid is too hot<\/li>\n\n\n\n<li>ability to keep your nectar warm for hours<\/li>\n<\/ul>\n\n\n\n<p>Did I miss anything?<\/p>\n\n\n\n<p>This is complicated stuff, actually.<\/p>\n\n\n\n<p>I still don\u2019t have a cup which can accomplish all of these goals. So, I\u2019m still looking. (It\u2019s good to have goals, right?)<\/p>\n\n\n\n<p>In my opinion, companies should continue to innovate to try to achieve the perfect commuter mug. If you ask me, they are not even close. 
As for me, I\u2019ll keep searching.<\/p>\n\n\n\n<p>Speaking of innovation, we have a community full of people who are constantly pushing forward, creating, and initiating positive changes inside dealerships. Risk and compliance professionals are no different.<\/p>\n\n\n\n<p>These specialists are technicians who promulgate guidelines and adhere to routines to protect their dealerships. They audit what is actually happening at the stores (versus assuming everything is going according to policy) and report those results to the leadership team. They act as support to keep the business moving in the right direction and steer the company away from problems.<\/p>\n\n\n\n<p>Compliance is not the opposite of innovation. Actually, done well, they live together in harmony, like coffee and a commuter mug, for instance.<\/p>\n\n\n\n<p>Here\u2019s something to consider. In the 2022 lawsuit Morelli v. Jim Koons Management Company (which was just purchased by Asbury for $1.2 billion), the Plaintiffs alleged the following:<\/p>\n\n\n\n<p>\u201cDefendant could and should have implemented, as recommended by the United States Government, the following measures:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Implement an awareness and training program\u2026<\/li>\n\n\n\n<li>Enable strong spam filters to prevent phishing emails from reaching the end users\u2026<\/li>\n\n\n\n<li>Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.\u201d<\/li>\n<\/ul>\n\n\n\n<p>This was simply one item enumerated in a 46-page lawsuit.<\/p>\n\n\n\n<p>A risk and compliance professional can get ahead of issues like this one by designing a way to: (1) identify potential problems, and (2) subsequently figure out how to plug those holes at the dealership. 
For example, to address this allegation specifically:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Start a cyber training program<\/li>\n\n\n\n<li>Strengthen monthly cyber procedures to include white hat phishing (Microsoft has an easy product here.)<\/li>\n\n\n\n<li>Enhance the scanning tools.<\/li>\n<\/ol>\n\n\n\n<p>Then, document, document, document these activities into one central repository for easy retrieval. If you don\u2019t document, then nothing trackable really happened, which is a shame as this is how to address these types of concerns in litigation.<\/p>\n\n\n\n<p>Now, would these activities stop a cyber breach from happening? Absolutely not. Lawyers call these affirmative defenses. These affirmative defenses help attorneys prevent the plaintiffs from winning by showing the defendant (i.e. the dealership) took the actions of a prudent person.&nbsp; Done effectively, these preventative measures can negate or reduce any legal consequences alleged by a plaintiff.<\/p>\n\n\n\n<p>Michael Semanie, an attorney who routinely represents motor vehicle dealerships across the country, noted that \u201cdealers who adopt and observe information security policies that harmonize with federal and state data laws are much better positioned to defend themselves against claims that a cyber incident was the result of the dealer\u2019s negligence. 
&nbsp;While some states have implemented statutory \u201csafe harbor\u201d defenses to protect dealers from liability related to a data breach, if the dealer has complied with specified data security standards, more states have attempted but failed to implement such statutory protections.\u201d<\/p>\n\n\n\n<p>Semanie continued, \u201cFlorida House Bill 473 (entitled \u201cCybersecurity Incident Liability\u201d) passed both houses of the legislature, but it was ultimately vetoed by Governor Ron DeSantis on June 26, 2024, who noted that such a safe harbor \u201cincentivizes doing the minimum when protecting consumer data.\u201d &nbsp;This strong public sentiment against companies who expose consumer data through a cyber incident can also be seen in the judiciary and in the juries who may determine the fate of a dealer\u2019s liability after a breach. &nbsp;By employing a robust information security policy, dealers may be protecting the value of their investment when it is time for a dealership buy-sell, since potential buyers are unable to seek or demand discounts and holdbacks for potential liability related to inadequate and non-compliant data security.\u201d<\/p>\n\n\n\n<p>If you don\u2019t have cyber insurance, it\u2019s not too late. Start today.&nbsp; According to The Risk &amp; Insurance Risk Brief, 69 percent of business owners are concerned about cyberattacks, yet only 32 percent have cyber insurance.<\/p>\n\n\n\n<p>Here\u2019s a second, non-cyber example to consider.&nbsp; On April 8, 2024, Automotive News reported Desert Toyota of Tucson, Arizona, will pay $60,000 in penalties, restitution, costs and fees to settle allegations it refused to sell vehicles at advertised prices.<\/p>\n\n\n\n<p>The Attorney General, Kris Mayes, said the store\u2019s prices failed to include the full reconditioning fees the dealer charged and the cost of mandatory additions such as exterior coating and door edge guards. 
The dealership charged reconditioning fees which exceeded the advertising.<\/p>\n\n\n\n<p>Could this problem have been prevented by a compliance manager?&nbsp; You betcha!<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Was there any sales training to emphasize the policy that all vehicles must be sold at advertised prices?\u00a0 Was this policy acknowledged and attested to by the sales staff?<\/li>\n\n\n\n<li>Did any of their paperwork show exterior coating and door edge guard were not mandatory?<\/li>\n\n\n\n<li>Were the stickers on the vehicle clear as to what was a mandatory charge?<\/li>\n\n\n\n<li>Did the dealership have a policy on how much they charge for reconditioning fees?<\/li>\n<\/ol>\n\n\n\n<p>These problems are preventable by having a policy, having someone check behind what\u2019s happening at the store, and documenting the outcome. Remember, compliance is simply this: someone has to do a thing, at some point in time, and then prove that the thing was completed.&nbsp; Without an auditing component to check behind everyone, you have no compliance program, which can be very uncomfortable because you don\u2019t actually know what\u2019s happening at your own store. A compliance pro will be on a quest to ensure the dealership is protected.<\/p>\n\n\n\n<p>Speaking of quests and being uncomfortable, if anyone has a commuter mug which feels good in my hand, please let me know. 
I\u2019m here.<\/p>\n\n\n\n<p>Tom Kline<br>Better Vantage Point<br>tomk@bettervantagepoint.com<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"Article featured in September issue of UCD Manna, H2Go, Copco, Zojirushi\u2026 Any ideas what these have in common?&hellip;\n","protected":false},"author":50,"featured_media":5139,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"csco_singular_sidebar":"","csco_page_header_type":"","csco_appearance_grid":"","csco_page_load_nextpost":"","csco_post_video_location":[],"csco_post_video_location_hash":"","csco_post_video_url":"","csco_post_video_bg_start_time":0,"csco_post_video_bg_end_time":0,"footnotes":"","_links_to":"","_links_to_target":""},"categories":[39,3],"tags":[],"class_list":{"0":"post-5137","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-compliance","8":"category-industry","9":"cs-entry","10":"cs-video-wrap"},"_links":{"self":[{"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/posts\/5137","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/users\/50"}],"replies":[{"embeddable":true,"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/comments?post=5137"}],"version-history":[{"count":0,"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/posts\/5137\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/media\/5139"}],"wp:attachment":[{"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/media?parent=5137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/categories?post=5137"},{"taxonomy":"post_tag","embeddable":true,"href":"
https:\/\/niada.com\/dashboard\/wp-json\/wp\/v2\/tags?post=5137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}