Who We Are
- - The Global Cyber Alliance has a singular purpose: to reduce cyber risk. Learn about our goals, our impact, and meet the minds behind our mission.
Programs & Initiatives
- - At GCA, our core programs – Internet Integrity and Capacity & Resilience – aim to tackle key challenges of interent infrastructure, privacy, and safety.
- - Internet Integrity Program
    - Domain Trust
    - AIDE
  - Cyber Civil Defense
- - Capacity & Resilience Program
    - GCA Toolkits
    - Actionable Cybersecurity Tools
Tools
- - We create free, useful tools that make a real impact on improving security for organizations and individuals. Explore our tools here.
Get Involved
- - There are many ways that you can become part of our global effort. Whether it’s using one of our tools to help improve your own cybersecurity, partnering with us on cutting edge projects, or investing resources, your involvement is what makes our success possible!
- - Use a Tool
  - Become a Partner
- - Community Forum
  - Donate
News & Events
- - Explore the latest news from across the GCA community, find upcoming webinars and local events, and dive deeper into resource content.
- - News
  - Events
- - Blog
  - Reports & Publications

Who We Are
- - The Global Cyber Alliance has a singular purpose: to reduce cyber risk. Learn about our goals, our impact, and meet the minds behind our mission.
Programs & Initiatives
- - At GCA, our core programs – Internet Integrity and Capacity & Resilience – aim to tackle key challenges of interent infrastructure, privacy, and safety.
- - Internet Integrity Program
    - Domain Trust
    - AIDE
  - Cyber Civil Defense
- - Capacity & Resilience Program
    - GCA Toolkits
    - Actionable Cybersecurity Tools
Tools
- - We create free, useful tools that make a real impact on improving security for organizations and individuals. Explore our tools here.
Get Involved
- - There are many ways that you can become part of our global effort. Whether it’s using one of our tools to help improve your own cybersecurity, partnering with us on cutting edge projects, or investing resources, your involvement is what makes our success possible!
- - Use a Tool
  - Become a Partner
- - Community Forum
  - Donate
News & Events
- - Explore the latest news from across the GCA community, find upcoming webinars and local events, and dive deeper into resource content.
- - News
  - Events
- - Blog
  - Reports & Publications

Blog

White House Makes Significant Progress on DMARC Deployment

By Paul Simmonds

April 13, 2018

By Phil Reitinger

Ten days ago, on April 3, the Global Cyber Alliance released a study that only one of 26 domains managed by the Executive Office of the President (EOP) had deployed DMARC to block spoofed phishing emails. These EOP domains are crown jewels that criminals and foreign adversaries covet. Without DMARC implemented, scammers and criminals could hijack an email domain to steal money, trade secrets or even jeopardize national security.

DMARC weeds out fake emails (known as direct domain spoofing) deployed by spammers and phishers targeting the inboxes of workers in all sectors of society.

In only ten days, the situation has changed dramatically. Now six of the 26 EOP domains have implemented DMARC at its highest level (p=reject) to prevent delivery of spoofed phishing emails. The domains now at “reject” include OMB.gov, a very important domain, and CYBERSECURITY.gov.

In total, the White House has now implemented DMARC in some form on 50% of the EOP domains, up from 30%. Congratulations are due on this significant work, especially in the days leading up to the RSA Security Conference. It’s time for industry to step up as well.

And when we see WHITEHOUSE.gov and EOP.gov move to reject as well, we will let everyone know about it.

The author, Phil Reitinger, is the President and CEO of the Global Cyber Alliance. You can follow him on Twitter @CarpeDiemCyber.

cyber cyber security cybersecurity DMARC email authentication phishing White House

Back to Blog Next Post