Even though the adoption of DMARC has grown over the past year, only 21 percent) of Fortune 500 companies are protected from being spoofed with only 13.9 percent of all domains enforcing the standard.
Industry sectors lag substantially behind U.S. government entities where three-fourths of U.S. federal domains are safeguarded by DMARC enforcement, according to a report from Valimail that analyzed tens of millions of domains from publicly traded and privately held for-profit companies, non-profit organizations, governments and NGOs.
The research found that the 79 percent of Fortune 500 domains that can still be spoofed is because they either have no DMARC, or they are using DMARC in “monitor mode,” which ultimately doesn’t protect an organization from an impersonation-based attack, the top cybersecurity compromise vector.
Please register to continue.
Already registered? Log in.
Once you register, you'll receive:
The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.
Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.
SC Media’s essential morning briefing for cybersecurity professionals.
One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.