CSC, a world leader in business, legal, tax, and domain security, has released its 2020 Domain Security Report: Forbes Global 2000 Companies from their Digital Brand Services (DBS) division.
The report highlights significant shortfalls in enterprise domain security practices, putting organizations’ internet-facing digital assets at risk to threats, including domain name and domain name system (DNS) hijacking, phishing, and other fraudulent activity.
According to the report, 83% of Global 2000 organizations have not adopted basic domain security measures such as registry lock, which puts them at risk for domain name hijacking. The report indicates a wide industry disparity in domain security maturity with information technology and media and entertainment industries more likely to embrace available security controls, while industries such as materials and real estate trail behind.
“These security shortfalls are the direct result of not executing proper domain security techniques. Domain security cannot be an afterthought, and there needs to be a conscious effort to make this an intentional and critical part of every company’s overall cyber security posture, especially as criminals evolve their attack methods,” says Mark Calandra, executive vice president for CSC DBS.
“As companies move to more online business models, it’s essential to use defense-in-depth practices to proactively manage, secure, and defend the foundational internet-facing components of your digital brand presence.”
Additional highlights from the report include:
· Four out of five Global 2000 companies are severely at risk and exposed to domain name and DNS hijacking due to a lack of registry locks. Unlocked domains are vulnerable to social engineering tactics, which can lead to unauthorized DNS changes and domain name hijacking.
· 53% of the Forbes Global 2000 use retail-grade domain registrars, putting them at greater risk for phishing, social engineering, and attacks while complicating compliance demands. The management of the overall domain name portfolio by a reputable corporate registrar versus a retail registrar will make the adoption of domain security standards much easier to implement and monitor.
· Only 20% of Global 2000 companies use enterprise-grade DNS hosting. Lack of DNS hosting redundancy and using non-enterprise-level DNS providers poses potential security threats like resiliency to distributed denial of service (DDoS) attacks, as well as down time, and revenue loss.
· 97% of the Global 2000 don’t use DNS security extensions (DNSSEC), which means the majority of companies are prone to cache poisoning attacks. Lack of deployment of DNSSEC leads to vulnerabilities in the DNS, which could include an attacker hijacking any step of the DNS lookup process.
· Domain-based message authentication, reporting, and conformance (DMARC) use is only at 39% for the Global 2000 companies. DMARC is an email validation system designed to protect a company’s email domain from being used for email spoofing, phishing scams, and other cyber crime.
A core division of CSC, DBS is the trusted provider of choice for the Forbes Global 2000 and is the only enterprise-class registrar with a comprehensive set of solutions focused on defending businesses from targeted threat vectors to their domain names, DNS, and digital certificates.
Moreover, the organization detects and mitigates online brand abuse, infringements, and fraud with the latest machine analysis and scoring technology to perform global enforcement, including takedowns and advanced techniques in internet blocking.
– June 18, 2020 @ 18:15 GMT |