Sonic Automotive, Inc., a Fortune 500 company based in Charlotte, North Carolina, is on a quest to become the most valuable diversified automotive retail and service brand in America. Their Company culture thrives on creating, innovating, and providing industry-leading guest experiences, driven by strategic investments in technology, teammates, and ideas that ultimately fulfill ownership dreams, enrich lives, and deliver happiness to our guests and teammates. As one of the largest automotive and powersports retailers in America, they are committed to delivering on this goal while pursuing expansive growth and taking progressive measures to be the leader in these categories. Their new platforms, programs, and people are set to drive the next generation of automotive and powersports experiences.
Sonic Automotive, Inc., a Fortune 500 company and one of the nation’s largest automotive and powersports retailers, operates over 140 dealerships nationwide. With the experienced guidance of their Vice President of Information Security, Curtis Glenn, they meticulously developed a comprehensive cybersecurity infrastructure. However, several challenges persisted. During its foundational years, Sonic Automotive's cybersecurity measures were foundational and not fully developed.
They frequently found themselves on the receiving end of numerous phishing and spam attacks. Their primary defense against these threats was a manual process, wherein employees would forward suspicious emails to a designated "Incident Response" mailbox.
“Previously, our remediation of a single email could take up to 25 minutes. When a team member saw a suspicious email, they would forward it to our mailbox, and we would analyze it, break it down, check different attachments, verify the sender, and more," says Curtis Glenn, Vice President of Information Security at Sonic Automotive Inc.
Additionally, an apparent gap in cybersecurity awareness was observed among managers at their numerous dealerships scattered across the US. Given that this small team was responsible for the security oversight of an expansive employee base of over 10,000, the need for an efficient and effective solution was evident.
Responding to Sonic Automotive’s multifaceted challenges, IRONSCALES positioned itself as the fitting solution. While Sonic had previously incorporated a Secure Email Gateway (SEG) as a primary line of defense for email security, it soon became clear that the SEG had its limitations in addressing all threats.
Curtis was introduced to IRONSCALES and quickly saw the value it would deliver to his team. Central to IRONSCALES' appeal was its reliance on advanced AI and machine learning capabilities to detect threats that evaded other anti-phishing solutions. These features promised a streamlined and efficient security apparatus with minimal need for continual manual intervention.
Adopting the IRONSCALES platform ushered in transformative enhancements to Sonic Automotive's approach to email security. Some pivotal outcomes included: