email authentication

Category

Posts

The Global Cyber Alliance conducted an analysis last week showing that most of the 2020 Democratic presidential primary candidates have not taken the necessary steps to secure their email systems. The analysis also reported that only four of the then-14 Democratic candidates’ websites were using a security protocol to ensure emails sent from a campaign address were actually from the campaign. Once CNN reported the story, three more candidates took action to implement DMARC!

Domain-based Message Authentication, Reporting and Conformance (DMARC) is a solution that verifies if sent emails are from the website they claim to be from. “There’s lots of things you can do to help protect email,” Phil Reitinger, president and CEO of Global Cyber Alliance, told CNN. “Use of DMARC is really table stakes for whether you’re serious about email security.” GCA has developed a DMARC tool that is free and helps organizations get started with setting up DMARC to better protect their email systems.

To read the full article posted by CNN, click on the image below!

DMARC Analyzer’s CEO and Key Account Managers come together during this Webinar to give insight on how DMARC can prevent malicious attacks on the email channel. They will share their own experiences with DMARC and offer advice on eliminating SPAM and phishing emails for your organization.

When:  Thursday, November 15th 2018 at:

11:00 AM PST
02:00 PM EST
08:00 PM CET

Please click here to register for this webinar!

In this 45 minute webinar, GCA partner dmarcian’s CEO, Tim Draegen, and GreatHorn CEO, Kevin O’Brien, will explore how their approach to addressing today’s sophisticated and highly targeted spear phishing threats is shifting, and how the technology we use for keeping up has evolved.

You’ll leave the webinar with an understanding of:

  • Today’s most pernicious threats
  • The pros and cons of legacy tools
  • New approaches to addressing these threats

When: Thursday, November 1

11am PT – 2pm ET

Please Click Here to register for the webinar.

 

Our CEO, Philip Reitinger, discusses how US federal agencies’ progress on DMARC deserves praise.

“Based on the most recent numbers from DHS, reported by FCW, federal agencies will come close to making the Department of Homeland Security’s deadline to implement Domain-Based Message Authentication, Reporting and Conformance tools, or DMARC.”

Click below to read the entire article.

Fed Gov 90 Days to DMARC

The Global Cyber Alliance Provides Free Tools for Agencies to Meet

U.S. Department of Homeland Security Deadline


WASHINGTON, D.C., July 16, 2018 – U.S. federal government agencies have less than 90 days to meet a U.S. Department of Homeland Security (DHS) Binding Operational Directive (BOD) focused on bolstering email and website security for all federal agencies that operate .gov email and website domains. The federal government has made good progress toward fulfilling the directive, with 74% of the domains tested having implemented a DMARC policy, however, less than half of the domains (47%) are at the highest policy level of “reject” – the setting that prevents spoofed email from being delivered to people. Agencies have three more months to meet the requirements of the directive.

By October 16, 2018, all agencies are required to deploy the email security protocol DMARC (Domain-based Message Authentication, Reporting & Conformance) at the policy level of “reject” to prevent spammers and phishers from using an organization’s name to conduct cyberattacks.

Since the BOD was issued on October 16, 2017, GCA research has found that more than 600 agency email domains have moved to the most secure “reject” setting for DMARC. In total, 605 domains are set to “reject” and 26 are set at the second-highest security level, “quarantine”. However, half of all federal government email domains (319) have only deployed DMARC at its least secure setting or have not deployed DMARC at all (334).

“DHS has shown tremendous leadership in requiring the deployment of advanced email and web security tools that will protect consumers, government workers and our nation’s critical infrastructure,” said Philip Reitinger, president and CEO of the Global Cyber Alliance. “Even with difficulties, agencies should at least have implemented DMARC at its most simple level. It takes little time, does not risk disruption of service, and provides insight on operations and threats.”

GCA has helped organizations implement DMARC with a collection of free resources that include the GCA DMARC Setup Guide, instructional videos, and webinars. Agencies can take advantage of these resources online at www.dmarc.globalcyberalliance.org.

DMARC weeds out fake emails (known as direct domain spoofing) deployed by spammers and phishers targeting the inboxes of any person with an email address.  According to the 2018 Symantec ISTR report, 1 in 131 emails contained malware, the highest rate in 5 years.

Without DMARC protection, hackers can create emails that appear to be from a trusted source but instead contain malicious links or ask for additional personal information that could be provided by unsuspecting consumers.

 

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect.  Learn more at www.globalcyberalliance.org.