4 Cybersecurity Takeaways from Amplify 2024
A few short weeks ago, our own CISO Nikhil Kalani attended Reynolds Retail Summit: Amplify in Leesburg, VA. Kalani confidently led a cybersecurity Q&A session with the Vice President of Marketing Greg Uland and had the opportunity to co-host a workshop alongside the Vice President of Data Strategy and CPO Will Farley covering information and data security. If you couldn’t attend the event (or if you did and loved it so much you want to relive it!), here are the top takeaways from both sessions.
Reynolds and Reynolds loves cyber protection as much as we do
In the wake of recent industry cyberattacks, questions have been raised about third-party companies and their ability to protect themselves and their customers. Security is not something Reynolds takes lightly, as evident in their physical and digital structures. As CISO, Kalani has a first-hand perspective on the company’s security makeup. He shared there are two data centers in the Dayton, Ohio office and each one lives on a different network. They are SOC 2 Type 2 certified, and a backup data center is also certified in the Houston, TX office. How does this protect Reynolds and its customers? The goal of separate data centers is to keep company and product data secure independently. If an attack begins on one side, it doesn’t creep to the other. And if an attack starts by email, it’s very hard for attackers to cross into other networks and cause damage at the dealership level. Reynolds also has two separate security products on these networks – meaning even if an attacker defeats one set of security products on one side, they would need to evade yet another set of security products to successfully cross-over and do harm. The goal here is to raise the bar for attackers so they can’t culminate an attack and are forced to move on.
A custom approach could be the key
According to Kalani, Reynolds operates differently than many other companies. When it comes to customer data, every Reynolds customer gets their own server and every product is separated. DMS backup copies live on multiple different servers and different networks, meaning there’s almost always a safe backup somewhere. Reynolds also puts a big focus on building their own tools and software in-house, meaning the bad guys can’t weaponize these in-house support tools against the company. Internal tools can’t easily be reverse-engineered by someone on the outside. By doing things differently than most other companies in the automotive space, Reynolds works hard to make itself a hard target!
Company safety starts with employees
We’ll say it until we’re blue in the face, but it’s true – the security of your company and assets falls to every single employee under your watch! Almost all attacks can be stopped in their tracks by security-smart employees. For Reynolds, employees are given regular phishing tests and security training – and you’ll be happy to know if a phishing email is clicked, the employee is given more training! Kalani stressed how a culture of security emphasized by senior leadership keeps the importance of the human firewall top of mind for all associates.
Sharing is caring
While Proton doesn’t protect Reynolds as a business, there is a common team that protects both Reynolds and Proton customers that Kalani works alongside. This means lessons, examples, and current threats are shared across both companies. With ‘battle-hardened’ employees, it’s a win-win for both our customers and Reynolds’ and Proton’s associates. Plus, our super cool Security Operations Center is a dual investment for both companies that allows the shared resources to make both parties do better and be better than others can, for our customers.
It’s important to us to practice what we preach, which is why both Proton and Reynolds give so much attention and effort to the security of our own staff, software, and customer data in the same way we protect your data. If you have questions about our security protocols, let’s chat. And if you’re interested in learning more about Amplify, check out the event recap here and keep an eye out for 2025 event details!
Let’s Talk
Together in your 20-minute free consultation, we’ll:
- Discuss your current IT posture and goals
- Review tactics you could implement today to improve your overall results
- Discuss how Proton Dealership IT may be able to help or point you to valuable tools and resources
In order to effectively review your dealership and IT challenges prior to the call, please tell us a bit about you first.