SEMA News—May 2015

Fast Facts

Brake Parts Inc. (BPI) promoted Michael Caruso to vice president of finance and global controller. In his new position, Caruso will focus on acquisitions and business integration. He will lead a team of 19 people, with 14 of them located at the company’s headquarters in McHenry, Illinois, and the others located internationally. Prior to his promotion, Caruso served as BPI’s corporate controller and played a key role in establishing the new business after the company was acquired by Torque Capital Group in 2013. Brake Parts, McHenry, IL: 815-759-7658.

Action Car and Truck Accessories, located in Eastern Canada, has acquired CTP Distributors/Custom Truck Parts Inc. of Western Canada. The combined companies will consist of four major distribution centers (Surrey, Edmonton, Pickering and Moncton), four secondary distribution points (Calgary, Grande Prairie, Winnipeg and St. John’s) and 37 retail stores with installation facilities and e-commerce stores catering to wholesale, retail and commercial fleet segments. Action Car and Truck Accessories, Moncton, Canada; 506-857-0120.

Transamerican Manufacturing Group has acquired Poison Spyder Customs. “I really admire what Larry McRae [of Poison Spyder Customs] has done in building a predominant brand so quickly,” said Greg Adler, CEO of Transamerican Auto Parts. “Poison Spyder is a great fit with our brands and our customer base. We look forward to developing the full potential of what McRae and his team have already worked so diligently upon.” Transamerican Manufacturing Group, Compton, CA; 310-900-5500.

Eric Butler’s custom-built ’68 Mustang was the first recipient of the Weld President’s Award at the 2015 O’Reilly’s World of Wheels presented by Weld. Butler, who participated in the show at Bartle Hall in Kansas City, Missouri, is a resident of the Kansas City metro area. Butler completed all of the work on the vehicle by himself, including custom Weld wheels with a 1996 Mustang bolt pattern. The President’s Award was presented to Butler for “the vehicle that embodies tradition, quality and durability like Weld wheels.” Weld, Kansas City, MO; 800-788-9353.

The Mothers big rig will bring some of the coolest rides to several car shows, races and festivals as it traverses the country in 2015. The custom truck will feed the detailing needs of enthusiasts and experts alike, and its crew of specialists will introduce and demonstrate the company’s latest car-care products. Highlights on the Mothers car-show calendar include the 2015 SEMA Show and SEMA Ignited, and the Barrett-Jackson collector-car auctions in Palm Beach, Las Vegas and more. Mothers Polish, Huntington Beach, CA; 714-891-3364.

Quest Automotive Products—the manufacturer of Matrix- and USC-brand automotive repair products, paints and finishes—has renewed its partnership and support of the popular reality television series “Counting Cars.” The Matrix and USC brands have supported the show since its inaugural season in 2012. The show chronicles repair projects undertaken by Danny “The Count” Koker, owner of Count’s Kustoms—a Las Vegas body shop that specializes in restoring and customizing classic cars and motorcycles. Quest Automotive Products, Massillon, OH; 330-299-8879.

SCG Brands, the parent company of Surf City Garage and Paradise Road Car Care, has retained Kahn Media Inc. as its agency of record. Kahn Media will provide strategic PR and communication services to help the Orange County-based company market its washes, waxes, polishes and surface-care products. Surf City Garage, Huntington Beach, CA; 714-894-1707. Kahn Media Inc., Moorpark, CA; 818-881-5246.

The Professional Drag Racers Association (PDRA) has extended its partnership with VP Racing Fuels, which will be designated the official fuel of PDRA through 2017. As part of the agreement, VP will provide trackside fuel service for the all-eighth-mile drag-racing series and post-season awards up to $1,000 in each class for the series championship. Professional Drag Racers Association. Pittsboro, N.C.; 919-799-0621.

Yokohama Tire Corp. of North America announced several organizational changes. Rick Phillips was promoted from senior director for commercial and OTR sales to vice president of sales for consumer, commercial and OTR. He will report to Takayuki Hamaya, YTC chief operating officer. Larry Kull, former senior director for tire business planning and sales operations, is now senior director for consumer sales. He will report to Phillips. Fred Koplin, former senior director for consumer sales, is now senior director of marketing. He will report to Hamaya. Andrew Briggs, former senior director of marketing, product planning and technical services, is now senior director for tire business planning, product planning and sales operations. He will report to Hamaya. Yokohama Tire Corp., Fullerton, CA; 714-870-3800.

AP Exhaust Technologies appointed Chris Ostrander as its chief executive officer and president. Evangelos Proimos will continue as executive chairman, working directly with Ostrander on developing the company’s strategic vision. Ostrander joins AP Exhaust with more than 16 years of experience in the automotive aftermarket and OEM industries. In his most recent role, he served four years as senior vice president and president of the Americas at Cooper Tire & Rubber. AP Exhaust Technologies, Goldsboro, N.C.; 919-580-2000.

Toyo Tire North America has promoted John Ferguson to director of sales. Ferguson has worked with the company since June 2012, first serving as a sales account manager. A graduate of The University of Findlay (Ohio), Ferguson has extensive sales experience with international organizations. Toyo Tire, Cypress, CA; 714-236-2080.

Wilwood Disc Brakes has partnered with Ultimate Performance—a suspension tuning and performance product supplier based in North Carolina—to enhance support to drivers at race events. As part of the partnership, Ultimate Performance owner JJ Furillo will travel to pro-touring events across the country, providing technical support and guidance to competitors on tuning suspensions to match their driving styles. Furillo founded Ultimate Performance in 2014 and has partnered with a number of performance-enhancing companies. Wilwood Engineering Inc., Camarillo, CA; 805-388-1188.

MSDP Group LLC announced that it will merge MSD and Mallory by the end of the first fiscal quarter of 2015. As part of the merger, all fuel and ignition-system products will be manufactured exclusively under the MSD brand. MSD will honor warranties for all existing Mallory products, as well as offer service and repair. MSD will also continue to make available Mallory distributor replacement parts, such as caps, rotors, points and nearly 100 other components. MSD, El Paso, TX; 915-857-5200; Mallory, Cleveland, OH 216-658-6413.

National Performance Warehouse has purchased Racer’s Equipment Warehouse, which has been in business for more than 50 years and serves all varieties of automotive enterprises in the New England area. Racer’s is the regional wholesale specialist in marketing and selling brand-name lines for Jeeps, trucks, SUVs, off-roading, hot rods, musclecars, drag and circle-track cars and street performance. Racers is also a long-standing member of The AAM Group and has a large number of Parts Pro and Total Truck jobbers in the Northeast. National Performance Warehouse, Miami, FL; 305-953-7290.

Longtime motorsports PR specialist Dave Densmore received the Founder’s Award from the International Drag Racing Hall of Fame. For nearly four decades, Densmore has been the spokesperson for the top names in drag racing, as well as both top series. As the primary spokesperson for John Force, Densmore worked beside Force through his 16 Funny Car championships. He helped navigate Force through the high times of winning championships, as well as some of the team’s most devastating times, including the loss of team member Eric Medlen in a testing accident in 2007, and Force’s nearly career-ending accident later that year.

Black Book, a leading provider of electronic data and insight to the automotive industry, appointed Laird Popkin chief technology officer and senior vice president. He joins Black Book from Kaplan Inc., where he was chief enterprise architect. Popkin, who has more than 25 years of executive and technology-management experience, reports directly to Tom Cross, president of Black Book.

SEMA News—May 2015

Fast Facts

Brake Parts Inc. (BPI) promoted Michael Caruso to vice president of finance and global controller. In his new position, Caruso will focus on acquisitions and business integration. He will lead a team of 19 people, with 14 of them located at the company’s headquarters in McHenry, Illinois, and the others located internationally. Prior to his promotion, Caruso served as BPI’s corporate controller and played a key role in establishing the new business after the company was acquired by Torque Capital Group in 2013. Brake Parts, McHenry, IL: 815-759-7658.

Action Car and Truck Accessories, located in Eastern Canada, has acquired CTP Distributors/Custom Truck Parts Inc. of Western Canada. The combined companies will consist of four major distribution centers (Surrey, Edmonton, Pickering and Moncton), four secondary distribution points (Calgary, Grande Prairie, Winnipeg and St. John’s) and 37 retail stores with installation facilities and e-commerce stores catering to wholesale, retail and commercial fleet segments. Action Car and Truck Accessories, Moncton, Canada; 506-857-0120.

Transamerican Manufacturing Group has acquired Poison Spyder Customs. “I really admire what Larry McRae [of Poison Spyder Customs] has done in building a predominant brand so quickly,” said Greg Adler, CEO of Transamerican Auto Parts. “Poison Spyder is a great fit with our brands and our customer base. We look forward to developing the full potential of what McRae and his team have already worked so diligently upon.” Transamerican Manufacturing Group, Compton, CA; 310-900-5500.

Eric Butler’s custom-built ’68 Mustang was the first recipient of the Weld President’s Award at the 2015 O’Reilly’s World of Wheels presented by Weld. Butler, who participated in the show at Bartle Hall in Kansas City, Missouri, is a resident of the Kansas City metro area. Butler completed all of the work on the vehicle by himself, including custom Weld wheels with a 1996 Mustang bolt pattern. The President’s Award was presented to Butler for “the vehicle that embodies tradition, quality and durability like Weld wheels.” Weld, Kansas City, MO; 800-788-9353.

The Mothers big rig will bring some of the coolest rides to several car shows, races and festivals as it traverses the country in 2015. The custom truck will feed the detailing needs of enthusiasts and experts alike, and its crew of specialists will introduce and demonstrate the company’s latest car-care products. Highlights on the Mothers car-show calendar include the 2015 SEMA Show and SEMA Ignited, and the Barrett-Jackson collector-car auctions in Palm Beach, Las Vegas and more. Mothers Polish, Huntington Beach, CA; 714-891-3364.

Quest Automotive Products—the manufacturer of Matrix- and USC-brand automotive repair products, paints and finishes—has renewed its partnership and support of the popular reality television series “Counting Cars.” The Matrix and USC brands have supported the show since its inaugural season in 2012. The show chronicles repair projects undertaken by Danny “The Count” Koker, owner of Count’s Kustoms—a Las Vegas body shop that specializes in restoring and customizing classic cars and motorcycles. Quest Automotive Products, Massillon, OH; 330-299-8879.

SCG Brands, the parent company of Surf City Garage and Paradise Road Car Care, has retained Kahn Media Inc. as its agency of record. Kahn Media will provide strategic PR and communication services to help the Orange County-based company market its washes, waxes, polishes and surface-care products. Surf City Garage, Huntington Beach, CA; 714-894-1707. Kahn Media Inc., Moorpark, CA; 818-881-5246.

The Professional Drag Racers Association (PDRA) has extended its partnership with VP Racing Fuels, which will be designated the official fuel of PDRA through 2017. As part of the agreement, VP will provide trackside fuel service for the all-eighth-mile drag-racing series and post-season awards up to $1,000 in each class for the series championship. Professional Drag Racers Association. Pittsboro, N.C.; 919-799-0621.

Yokohama Tire Corp. of North America announced several organizational changes. Rick Phillips was promoted from senior director for commercial and OTR sales to vice president of sales for consumer, commercial and OTR. He will report to Takayuki Hamaya, YTC chief operating officer. Larry Kull, former senior director for tire business planning and sales operations, is now senior director for consumer sales. He will report to Phillips. Fred Koplin, former senior director for consumer sales, is now senior director of marketing. He will report to Hamaya. Andrew Briggs, former senior director of marketing, product planning and technical services, is now senior director for tire business planning, product planning and sales operations. He will report to Hamaya. Yokohama Tire Corp., Fullerton, CA; 714-870-3800.

AP Exhaust Technologies appointed Chris Ostrander as its chief executive officer and president. Evangelos Proimos will continue as executive chairman, working directly with Ostrander on developing the company’s strategic vision. Ostrander joins AP Exhaust with more than 16 years of experience in the automotive aftermarket and OEM industries. In his most recent role, he served four years as senior vice president and president of the Americas at Cooper Tire & Rubber. AP Exhaust Technologies, Goldsboro, N.C.; 919-580-2000.

Toyo Tire North America has promoted John Ferguson to director of sales. Ferguson has worked with the company since June 2012, first serving as a sales account manager. A graduate of The University of Findlay (Ohio), Ferguson has extensive sales experience with international organizations. Toyo Tire, Cypress, CA; 714-236-2080.

Wilwood Disc Brakes has partnered with Ultimate Performance—a suspension tuning and performance product supplier based in North Carolina—to enhance support to drivers at race events. As part of the partnership, Ultimate Performance owner JJ Furillo will travel to pro-touring events across the country, providing technical support and guidance to competitors on tuning suspensions to match their driving styles. Furillo founded Ultimate Performance in 2014 and has partnered with a number of performance-enhancing companies. Wilwood Engineering Inc., Camarillo, CA; 805-388-1188.

MSDP Group LLC announced that it will merge MSD and Mallory by the end of the first fiscal quarter of 2015. As part of the merger, all fuel and ignition-system products will be manufactured exclusively under the MSD brand. MSD will honor warranties for all existing Mallory products, as well as offer service and repair. MSD will also continue to make available Mallory distributor replacement parts, such as caps, rotors, points and nearly 100 other components. MSD, El Paso, TX; 915-857-5200; Mallory, Cleveland, OH 216-658-6413.

National Performance Warehouse has purchased Racer’s Equipment Warehouse, which has been in business for more than 50 years and serves all varieties of automotive enterprises in the New England area. Racer’s is the regional wholesale specialist in marketing and selling brand-name lines for Jeeps, trucks, SUVs, off-roading, hot rods, musclecars, drag and circle-track cars and street performance. Racers is also a long-standing member of The AAM Group and has a large number of Parts Pro and Total Truck jobbers in the Northeast. National Performance Warehouse, Miami, FL; 305-953-7290.

Longtime motorsports PR specialist Dave Densmore received the Founder’s Award from the International Drag Racing Hall of Fame. For nearly four decades, Densmore has been the spokesperson for the top names in drag racing, as well as both top series. As the primary spokesperson for John Force, Densmore worked beside Force through his 16 Funny Car championships. He helped navigate Force through the high times of winning championships, as well as some of the team’s most devastating times, including the loss of team member Eric Medlen in a testing accident in 2007, and Force’s nearly career-ending accident later that year.

Black Book, a leading provider of electronic data and insight to the automotive industry, appointed Laird Popkin chief technology officer and senior vice president. He joins Black Book from Kaplan Inc., where he was chief enterprise architect. Popkin, who has more than 25 years of executive and technology-management experience, reports directly to Tom Cross, president of Black Book.

SEMA News—May 2015

Fast Facts

Brake Parts Inc. (BPI) promoted Michael Caruso to vice president of finance and global controller. In his new position, Caruso will focus on acquisitions and business integration. He will lead a team of 19 people, with 14 of them located at the company’s headquarters in McHenry, Illinois, and the others located internationally. Prior to his promotion, Caruso served as BPI’s corporate controller and played a key role in establishing the new business after the company was acquired by Torque Capital Group in 2013. Brake Parts, McHenry, IL: 815-759-7658.

Action Car and Truck Accessories, located in Eastern Canada, has acquired CTP Distributors/Custom Truck Parts Inc. of Western Canada. The combined companies will consist of four major distribution centers (Surrey, Edmonton, Pickering and Moncton), four secondary distribution points (Calgary, Grande Prairie, Winnipeg and St. John’s) and 37 retail stores with installation facilities and e-commerce stores catering to wholesale, retail and commercial fleet segments. Action Car and Truck Accessories, Moncton, Canada; 506-857-0120.

Transamerican Manufacturing Group has acquired Poison Spyder Customs. “I really admire what Larry McRae [of Poison Spyder Customs] has done in building a predominant brand so quickly,” said Greg Adler, CEO of Transamerican Auto Parts. “Poison Spyder is a great fit with our brands and our customer base. We look forward to developing the full potential of what McRae and his team have already worked so diligently upon.” Transamerican Manufacturing Group, Compton, CA; 310-900-5500.

Eric Butler’s custom-built ’68 Mustang was the first recipient of the Weld President’s Award at the 2015 O’Reilly’s World of Wheels presented by Weld. Butler, who participated in the show at Bartle Hall in Kansas City, Missouri, is a resident of the Kansas City metro area. Butler completed all of the work on the vehicle by himself, including custom Weld wheels with a 1996 Mustang bolt pattern. The President’s Award was presented to Butler for “the vehicle that embodies tradition, quality and durability like Weld wheels.” Weld, Kansas City, MO; 800-788-9353.

The Mothers big rig will bring some of the coolest rides to several car shows, races and festivals as it traverses the country in 2015. The custom truck will feed the detailing needs of enthusiasts and experts alike, and its crew of specialists will introduce and demonstrate the company’s latest car-care products. Highlights on the Mothers car-show calendar include the 2015 SEMA Show and SEMA Ignited, and the Barrett-Jackson collector-car auctions in Palm Beach, Las Vegas and more. Mothers Polish, Huntington Beach, CA; 714-891-3364.

Quest Automotive Products—the manufacturer of Matrix- and USC-brand automotive repair products, paints and finishes—has renewed its partnership and support of the popular reality television series “Counting Cars.” The Matrix and USC brands have supported the show since its inaugural season in 2012. The show chronicles repair projects undertaken by Danny “The Count” Koker, owner of Count’s Kustoms—a Las Vegas body shop that specializes in restoring and customizing classic cars and motorcycles. Quest Automotive Products, Massillon, OH; 330-299-8879.

SCG Brands, the parent company of Surf City Garage and Paradise Road Car Care, has retained Kahn Media Inc. as its agency of record. Kahn Media will provide strategic PR and communication services to help the Orange County-based company market its washes, waxes, polishes and surface-care products. Surf City Garage, Huntington Beach, CA; 714-894-1707. Kahn Media Inc., Moorpark, CA; 818-881-5246.

The Professional Drag Racers Association (PDRA) has extended its partnership with VP Racing Fuels, which will be designated the official fuel of PDRA through 2017. As part of the agreement, VP will provide trackside fuel service for the all-eighth-mile drag-racing series and post-season awards up to $1,000 in each class for the series championship. Professional Drag Racers Association. Pittsboro, N.C.; 919-799-0621.

Yokohama Tire Corp. of North America announced several organizational changes. Rick Phillips was promoted from senior director for commercial and OTR sales to vice president of sales for consumer, commercial and OTR. He will report to Takayuki Hamaya, YTC chief operating officer. Larry Kull, former senior director for tire business planning and sales operations, is now senior director for consumer sales. He will report to Phillips. Fred Koplin, former senior director for consumer sales, is now senior director of marketing. He will report to Hamaya. Andrew Briggs, former senior director of marketing, product planning and technical services, is now senior director for tire business planning, product planning and sales operations. He will report to Hamaya. Yokohama Tire Corp., Fullerton, CA; 714-870-3800.

AP Exhaust Technologies appointed Chris Ostrander as its chief executive officer and president. Evangelos Proimos will continue as executive chairman, working directly with Ostrander on developing the company’s strategic vision. Ostrander joins AP Exhaust with more than 16 years of experience in the automotive aftermarket and OEM industries. In his most recent role, he served four years as senior vice president and president of the Americas at Cooper Tire & Rubber. AP Exhaust Technologies, Goldsboro, N.C.; 919-580-2000.

Toyo Tire North America has promoted John Ferguson to director of sales. Ferguson has worked with the company since June 2012, first serving as a sales account manager. A graduate of The University of Findlay (Ohio), Ferguson has extensive sales experience with international organizations. Toyo Tire, Cypress, CA; 714-236-2080.

Wilwood Disc Brakes has partnered with Ultimate Performance—a suspension tuning and performance product supplier based in North Carolina—to enhance support to drivers at race events. As part of the partnership, Ultimate Performance owner JJ Furillo will travel to pro-touring events across the country, providing technical support and guidance to competitors on tuning suspensions to match their driving styles. Furillo founded Ultimate Performance in 2014 and has partnered with a number of performance-enhancing companies. Wilwood Engineering Inc., Camarillo, CA; 805-388-1188.

MSDP Group LLC announced that it will merge MSD and Mallory by the end of the first fiscal quarter of 2015. As part of the merger, all fuel and ignition-system products will be manufactured exclusively under the MSD brand. MSD will honor warranties for all existing Mallory products, as well as offer service and repair. MSD will also continue to make available Mallory distributor replacement parts, such as caps, rotors, points and nearly 100 other components. MSD, El Paso, TX; 915-857-5200; Mallory, Cleveland, OH 216-658-6413.

National Performance Warehouse has purchased Racer’s Equipment Warehouse, which has been in business for more than 50 years and serves all varieties of automotive enterprises in the New England area. Racer’s is the regional wholesale specialist in marketing and selling brand-name lines for Jeeps, trucks, SUVs, off-roading, hot rods, musclecars, drag and circle-track cars and street performance. Racers is also a long-standing member of The AAM Group and has a large number of Parts Pro and Total Truck jobbers in the Northeast. National Performance Warehouse, Miami, FL; 305-953-7290.

Longtime motorsports PR specialist Dave Densmore received the Founder’s Award from the International Drag Racing Hall of Fame. For nearly four decades, Densmore has been the spokesperson for the top names in drag racing, as well as both top series. As the primary spokesperson for John Force, Densmore worked beside Force through his 16 Funny Car championships. He helped navigate Force through the high times of winning championships, as well as some of the team’s most devastating times, including the loss of team member Eric Medlen in a testing accident in 2007, and Force’s nearly career-ending accident later that year.

Black Book, a leading provider of electronic data and insight to the automotive industry, appointed Laird Popkin chief technology officer and senior vice president. He joins Black Book from Kaplan Inc., where he was chief enterprise architect. Popkin, who has more than 25 years of executive and technology-management experience, reports directly to Tom Cross, president of Black Book.

SEMA News—May 2015

Fast Facts

Brake Parts Inc. (BPI) promoted Michael Caruso to vice president of finance and global controller. In his new position, Caruso will focus on acquisitions and business integration. He will lead a team of 19 people, with 14 of them located at the company’s headquarters in McHenry, Illinois, and the others located internationally. Prior to his promotion, Caruso served as BPI’s corporate controller and played a key role in establishing the new business after the company was acquired by Torque Capital Group in 2013. Brake Parts, McHenry, IL: 815-759-7658.

Action Car and Truck Accessories, located in Eastern Canada, has acquired CTP Distributors/Custom Truck Parts Inc. of Western Canada. The combined companies will consist of four major distribution centers (Surrey, Edmonton, Pickering and Moncton), four secondary distribution points (Calgary, Grande Prairie, Winnipeg and St. John’s) and 37 retail stores with installation facilities and e-commerce stores catering to wholesale, retail and commercial fleet segments. Action Car and Truck Accessories, Moncton, Canada; 506-857-0120.

Transamerican Manufacturing Group has acquired Poison Spyder Customs. “I really admire what Larry McRae [of Poison Spyder Customs] has done in building a predominant brand so quickly,” said Greg Adler, CEO of Transamerican Auto Parts. “Poison Spyder is a great fit with our brands and our customer base. We look forward to developing the full potential of what McRae and his team have already worked so diligently upon.” Transamerican Manufacturing Group, Compton, CA; 310-900-5500.

Eric Butler’s custom-built ’68 Mustang was the first recipient of the Weld President’s Award at the 2015 O’Reilly’s World of Wheels presented by Weld. Butler, who participated in the show at Bartle Hall in Kansas City, Missouri, is a resident of the Kansas City metro area. Butler completed all of the work on the vehicle by himself, including custom Weld wheels with a 1996 Mustang bolt pattern. The President’s Award was presented to Butler for “the vehicle that embodies tradition, quality and durability like Weld wheels.” Weld, Kansas City, MO; 800-788-9353.

The Mothers big rig will bring some of the coolest rides to several car shows, races and festivals as it traverses the country in 2015. The custom truck will feed the detailing needs of enthusiasts and experts alike, and its crew of specialists will introduce and demonstrate the company’s latest car-care products. Highlights on the Mothers car-show calendar include the 2015 SEMA Show and SEMA Ignited, and the Barrett-Jackson collector-car auctions in Palm Beach, Las Vegas and more. Mothers Polish, Huntington Beach, CA; 714-891-3364.

Quest Automotive Products—the manufacturer of Matrix- and USC-brand automotive repair products, paints and finishes—has renewed its partnership and support of the popular reality television series “Counting Cars.” The Matrix and USC brands have supported the show since its inaugural season in 2012. The show chronicles repair projects undertaken by Danny “The Count” Koker, owner of Count’s Kustoms—a Las Vegas body shop that specializes in restoring and customizing classic cars and motorcycles. Quest Automotive Products, Massillon, OH; 330-299-8879.

SCG Brands, the parent company of Surf City Garage and Paradise Road Car Care, has retained Kahn Media Inc. as its agency of record. Kahn Media will provide strategic PR and communication services to help the Orange County-based company market its washes, waxes, polishes and surface-care products. Surf City Garage, Huntington Beach, CA; 714-894-1707. Kahn Media Inc., Moorpark, CA; 818-881-5246.

The Professional Drag Racers Association (PDRA) has extended its partnership with VP Racing Fuels, which will be designated the official fuel of PDRA through 2017. As part of the agreement, VP will provide trackside fuel service for the all-eighth-mile drag-racing series and post-season awards up to $1,000 in each class for the series championship. Professional Drag Racers Association. Pittsboro, N.C.; 919-799-0621.

Yokohama Tire Corp. of North America announced several organizational changes. Rick Phillips was promoted from senior director for commercial and OTR sales to vice president of sales for consumer, commercial and OTR. He will report to Takayuki Hamaya, YTC chief operating officer. Larry Kull, former senior director for tire business planning and sales operations, is now senior director for consumer sales. He will report to Phillips. Fred Koplin, former senior director for consumer sales, is now senior director of marketing. He will report to Hamaya. Andrew Briggs, former senior director of marketing, product planning and technical services, is now senior director for tire business planning, product planning and sales operations. He will report to Hamaya. Yokohama Tire Corp., Fullerton, CA; 714-870-3800.

AP Exhaust Technologies appointed Chris Ostrander as its chief executive officer and president. Evangelos Proimos will continue as executive chairman, working directly with Ostrander on developing the company’s strategic vision. Ostrander joins AP Exhaust with more than 16 years of experience in the automotive aftermarket and OEM industries. In his most recent role, he served four years as senior vice president and president of the Americas at Cooper Tire & Rubber. AP Exhaust Technologies, Goldsboro, N.C.; 919-580-2000.

Toyo Tire North America has promoted John Ferguson to director of sales. Ferguson has worked with the company since June 2012, first serving as a sales account manager. A graduate of The University of Findlay (Ohio), Ferguson has extensive sales experience with international organizations. Toyo Tire, Cypress, CA; 714-236-2080.

Wilwood Disc Brakes has partnered with Ultimate Performance—a suspension tuning and performance product supplier based in North Carolina—to enhance support to drivers at race events. As part of the partnership, Ultimate Performance owner JJ Furillo will travel to pro-touring events across the country, providing technical support and guidance to competitors on tuning suspensions to match their driving styles. Furillo founded Ultimate Performance in 2014 and has partnered with a number of performance-enhancing companies. Wilwood Engineering Inc., Camarillo, CA; 805-388-1188.

MSDP Group LLC announced that it will merge MSD and Mallory by the end of the first fiscal quarter of 2015. As part of the merger, all fuel and ignition-system products will be manufactured exclusively under the MSD brand. MSD will honor warranties for all existing Mallory products, as well as offer service and repair. MSD will also continue to make available Mallory distributor replacement parts, such as caps, rotors, points and nearly 100 other components. MSD, El Paso, TX; 915-857-5200; Mallory, Cleveland, OH 216-658-6413.

National Performance Warehouse has purchased Racer’s Equipment Warehouse, which has been in business for more than 50 years and serves all varieties of automotive enterprises in the New England area. Racer’s is the regional wholesale specialist in marketing and selling brand-name lines for Jeeps, trucks, SUVs, off-roading, hot rods, musclecars, drag and circle-track cars and street performance. Racers is also a long-standing member of The AAM Group and has a large number of Parts Pro and Total Truck jobbers in the Northeast. National Performance Warehouse, Miami, FL; 305-953-7290.

Longtime motorsports PR specialist Dave Densmore received the Founder’s Award from the International Drag Racing Hall of Fame. For nearly four decades, Densmore has been the spokesperson for the top names in drag racing, as well as both top series. As the primary spokesperson for John Force, Densmore worked beside Force through his 16 Funny Car championships. He helped navigate Force through the high times of winning championships, as well as some of the team’s most devastating times, including the loss of team member Eric Medlen in a testing accident in 2007, and Force’s nearly career-ending accident later that year.

Black Book, a leading provider of electronic data and insight to the automotive industry, appointed Laird Popkin chief technology officer and senior vice president. He joins Black Book from Kaplan Inc., where he was chief enterprise architect. Popkin, who has more than 25 years of executive and technology-management experience, reports directly to Tom Cross, president of Black Book.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.

SEMA News—May 2015

FROM THE HILL
By Ashley Ailsworth

Sealing the Cracks

Containing Costs in the Data-Breach Era

“Data breach” is a term used to describe a wide variety of lapses in security that result in unauthorized access to information stored in electronic form. High-profile mega data breaches receive the greatest media attention, but small and mid-size companies face the same risks.

“We often hear about the large Fortune 500 companies getting hacked, but most of the reported data breaches in the United States happen to small businesses,” said Adam Baille, senior vice president at Liberty Automotive Group. “This is because small businesses don’t usually have the protections and security in place like the large corporations do, and they are usually much easier to infiltrate.”

From malware that collects login and password information to hackers getting their hands on unencrypted data and the theft of credit- and debit-card information during payment transactions, the opportunities for modern criminals abound. “Today, the targets in the automotive aftermarket are the retailers, wholesalers and manufacturers who collect customer credit card and personal information data,” said Bob Corwin, first vice president at Alliant Insurance Services. Unfortunately, standard criminal liability insurance does not always cover costs incurred due to data breaches, and other policies may not pick up the slack. “As general liability insurance carriers exclude security breaches and other electronic threats that could give rise to a claim, it has never been more important to consider adding cyber liability coverage to your company’s risk management portfolio,” added Corwin.

High Cost of a Data Breach

Some of the most substantial costs of data breaches come from lawsuits brought by affected customers, financial-service providers, the Federal Trade Commission and state attorneys general. Costly investigations into the source and cause of the breach are often required. Private suits arising out of a data breach are usually based on state security breach notification, data disposal, consumer protection and unfair business practice laws.

Agreements between merchants and financial institutions, such as credit-card issuers and processors, normally allocate liability for payment card fraud. However, financial institutions have also instituted lawsuits alongside consumers, claiming that the breached company failed to maintain adequate security and demanding that the company pay for reimbursing customers for fraud and card reissuance costs.

Almost all states currently require companies to issue some form of notification to customers whose personal information has been compromised by a breach. Affected customers commonly file suit following notification of a data-breach event, alleging that the company violated state laws and breached a duty to exercise reasonable care in collecting, using and storing personal and financial information obtained from its customers. Contract claims may also be brought when customers assert that they have an express or implied agreement with the business to protect their information. If a company fails to adhere to its stated privacy policies, this failure can lead to similar claims from consumers and trigger federal action by the FTC.

Whether a lawsuit is based in tort, contract, state or federal statute, companies that experience a security breach could end up liable for losses suffered by customers whose information has been compromised, and breached companies are often required to provide credit monitoring and identity-theft prevention services to affected customers. According to Baille, “Costs can run into the tens of thousands of dollars, which is why the average cost of a data breach in 2013 was upwards of $300,000 in the United States.”

Best Practices and Insuring Against the Inevitable

In light of the substantial risks inherent in using, collecting and storing electronic data, companies should consider implementing aggressive internal policies to protect data and respond to data breaches.

After significant losses caused by breaches at major retail chains, credit- and debit-card issuers are encouraging merchants to replace older magnetic strip-reading payment terminals with terminals equipped with electronic chip-reading technology. Card issuers will be shifting liability for fraud onto merchants who do not install the more secure chip-reading payment terminals by October 2015. Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is also necessary for ensuring that the major card brands help cover costs in the event of a breach involving cardholder data.

Switching to the new payment terminals that process “chip” cards, complying with PCI DSS, protecting sensitive data through encryption, securing servers and assessing your system’s vulnerabilities are all important steps.

If cloud computing is used, contracts with cloud service providers should include provisions to assure that data shared over the cloud is secure. Check out “Securing the Cloud: Key Contract Provisions” in the February 2015 issue of SEMA News for information specific to data security in cloud computing. Becoming familiar with the state security-breach notification laws is also important. For more detailed information on achieving data security, visit the FTC’s “Business Center” and other useful resources listed below.

No matter how comprehensive a company’s cyber-security strategy, insurance products to cover data-breach losses are a necessary fallback. Companies should be aware that general liability or similar insurance products may not cover these losses. Cyber liability insurance, also known as data-breach insurance, is offered specifically for this purpose.

“Purchasing a separate cyber liability policy though an insurance company that specializes in this type of coverage is the best way to get proper protection,” said Baille.

A cyber policy must provide coverage for losses incurred by third-parties as well as coverage for the company’s direct first-party losses. “The direct loss of productivity, profitability, reputation, data loss and even costs associated with regulatory government investigation and penalties must be included,” explained Corwin.

Policies that cover costs incurred by reason of a data breach often require businesses to institute adequate cyber controls, such as encrypting data, maintaining firewalls and secure servers and having in place an incident-response plan.

Bob Corwin at Alliant Insurance Services noted five controls that are essential:

1. Boundary firewalls and Internet gateways: These are devices designed to prevent unauthorized access to or from private networks, but good setup of these devices, either in hardware or software form, is important for them to be fully effective.
2. Secure configuration: Ensuring that systems are configured in the most secure way for the needs of the organization.
3. Access Control: Ensuring only those who should have access to systems have access and at the appropriate level.
4. Malware protection: Ensuring that virus and malware protection is installed and up to date.
5. Patch management: ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.

SEMA PAC President’s Club Spotlight: Luanne Brown

Luanne Brown is the founder and president of eTool Developers, headquartered in Grand Rapids, Michigan. She is a five-year member of the SEMA PAC President’s Club and currently serves on the SEMA Board of Directors.

“As an entrepreneur who provides business services to the automotive aftermarket, I support SEMA PAC because I recognize how important the work that is being done by SEMA’s Washington, D.C., team is to our industry and to my own business,” Brown said. “To have a voice in Washington is crucial to the future of our industry—especially today. I just had to get involved. I encourage you, my fellow SEMA members, to join us and have your voice heard, too!”

For more information on SEMA PAC, please contact SEMA PAC and Congressional Relations Manager Christian Robinson at 202-783-6007 x20 or christianr@sema.org.