Security, security everywhere but limited signs of DMARC
As the sun sets on another Infosecurity Europe, we took a look at how many of the exhibiting companies were protecting their own email domains from being spoofed by criminals.
It’s come as a surprise to us all here at Red Sift Towers, but a staggering 74% of the companies exhibiting their cybersecurity prowess at this year’s flagship cybersec event aren’t actually implementing DMARC.
We know DMARC isn’t the sexiest tool in the cybersecurity armoury, but phishing remains a top concern (last year 76% of organisations fell victim to phishing attacks) and these companies are actually leaving their trusted brands open to email impersonation — the simplest way to launch phishing attacks.
Here’s what we found:
- Fail: 74% of exhibitors do not have DMARC in place
- Must try harder: 9 organisations have tried to implement DMARC but have been unsuccessful
- Valiant effort: 17% have implemented DMARC at the monitoring level — fraudulent emails will still make it to the inbox
- Almost there: 4% have implemented DMARC at the quarantine level — fraudulent emails will still make it to the spam/junk folder
- Hooray! 5% have implemented DMARC at the reject level — fraudulent emails are stopped at the gateway
Rahul, our CEO, summed it up perfectly: “Infosec is one of the highlights of the cybersecurity calendar. We’re star struck to be in such prestigious company, which is why our DMARC discovery feels like one of those moments you learn your all-time-hero thinks The Matrix is a documentary! Global DMARC adoption is fairly low, which is why attended — to raise awareness and hopefully inspire more organisations to stamp out this vulnerability.”
We teamed up with TransferWise on Tuesday to talk about their journey to full reject — we had a full house and were pleased that so many industry professionals were present to ask questions and learn more about the protocol and our offering.
Don’t forget, you can sign up for our 2 week free trial at any time on our website, this gives you insight into what your email impersonation problem looks like.
And, in honour of another great InfoSec Europe event we’ll be offering any one who starts a subscription in June 18% off their licence when you enter the code INFOSEC18 at checkout.
Let’s hope the DMARC analysis at Infosecurity Europe 2019 proves for more positive reading!
The ‘science bit’: Research methodology — Red Sift conducted the analysis of the 372 companies exhibiting at Infosecurity Europe 2018 on 16 May, 2018.
