14
Feb 17

Expansion of DMARC is Now Critical

DMARC reaches critical need
Press Release Reposted with Permission from The Global Cyber Alliance

Expansion of DMARC Critical to Reducing Spread of Malicious Emails


Global Cyber Alliance Calls on Leading Cyber Companies To Improve Email Protections

SAN FRANCISCO, February 14, 2017 – There is a fix that can prevent a great amount of email-borne attacks on consumers and businesses. Unfortunately, the vast majority of public and private organizations globally, including leading cyber security companies, have not deployed DMARC (Domain-based Message Authentication, Reporting & Conformance) to prevent spammers and phishers from using an organization’s name to conduct cyber attacks, according to new research from the Global Cyber Alliance (GCA).

DMARC provides insight into any attempts to spam, phish or spear-phish using an organization’s brand or name. DMARC is supported by 85 percent of consumer email inboxes in the United States (including Gmail, Yahoo, Microsoft, etc.) and more than 2.5 billion email inboxes worldwide. However, DMARC adoption rates among enterprises and government remain low.

The UK Government’s guidance for government agencies directs them to implement DMARC but as of December 2016 only five percent of UK public sector domains had done so. A mere 16 percent of the healthcare sector has adopted DMARC.

The latest research from GCA, an international cross-sector organization dedicated to confronting systemic cyber risk, finds that adoption remains low in the cyber security industry as well.

Only 15 percent of the 587 email domains (that were scanned) for companies exhibiting at the RSA Conference -- one of the world’s largest gatherings of cyber security experts -- use DMARC. Of the 90 RSA exhibiting organizations that do use DMARC, more than 66 percent use the DMARC policy of “none,” which only monitors for email domains, greatly reducing the effectiveness of DMARC.

It is time for the cyber security industry to lead the charge and push for DMARC use across the globe. GCA strongly advocates that organizations implement DMARC and has developed a free DMARC Setup Guide to make DMARC implementation easier (https://dmarc.globalcyberalliance.org/).

The value of correctly implementing DMARC is clear as studies[iii] have shown that organizations that use DMARC correctly receive just 23 percent of the email threats that those who do not use DMARC receive.

“As world leaders in cyber security, we can do better. DMARC protects brands and preserves consumer confidence. While no security effort is cost-free, clear guidance and tools, such as the GCA DMARC Setup Guide, make DMARC implementation practical, and the benefits are considerable. DMARC is one of the cyber security protocols that can broadly reduce risk, and the more it is implemented, the more protection it offers for everyone,” said Philip Reitinger, President and CEO of GCA. “I’m placing a stake in the ground and calling on the cyber security industry to lead the adoption of DMARC, with a goal that 50 percent of the companies that exhibit at the 2018 RSA Conference implement DMARC prior to the conference, and that 90 percent implement prior to the 2019 RSA Conference. Working together the cyber security industry can be a role model and make a difference.”

About The Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber risk and improving our connected world. It is a catalyst to bring communities of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements. While most efforts at addressing cyber risk have been industry, sector, or geographically specific, GCA partners across borders and sectors. GCA’s mantra “Do Something. Measure It.” is a direct reflection of its mission to eradicate systemic cyber risks.

GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

 

[i] https://www.gov.uk/guidance/set-up-government-email-services-securely

[ii] https://www.ncsc.gov.uk/blog-post/making-email-mean-something-again

[iii] https://www.helpnetsecurity.com/2017/02/01/phishing-display-name-spoofs/

 

19
Jan 16

How can you eventually move to a p=reject policy when third parties are unable to send email properly on your behalf?

In many cases, a DMARC-compliant SMTP relay server can be used to do the trick. In this article, we’ll explore some of the facets of sending DMARC-compliant email from third parties, what to look for, and how common hosted solutions such as Google Apps, Office 365, and Amazon Simple Email Service (SES) can be leveraged as SMTP relays.

4
Jan 16

Sending On Behalf Of Others:

Full Sub-Domain Delegation

This article expands on the "full delegation" approach described in the larger How to send DMARC-compliant email on behalf of others article. An assumption is that the reader is sending email on behalf of others, and desires to send such email in a manner compliant with DMARC.

31
Dec 15

DMARC is a one-time upgrade

DMARC brings tangible benefits to those who deploy it. In our work to help as many people as possible deploy DMARC, we’ve uncovered an interesting truth..

19
Dec 15

Policy Modes: Quarantine vs Reject

Domain owners can publish policies that will be applied to email that is not compliant with DMARC:

  • none - which means “take no action, just collect data and send me reports”,
  • quarantine - which means “treat with suspicion”, and
  • reject - which means “block outright”.

DMARC deployers often ask us: “what’s the difference between quarantine and reject, and what will happen when I publish these policies?” Understanding what happens when quarantine or reject is published is pretty important!