Monday , 18 June 2018
Home » NEWS » EDITOR’S NEWS » Europe’s cybersecurity finest failing on email security basics
Europe’s cybersecurity finest failing on email security basics

Europe’s cybersecurity finest failing on email security basics

As the shining lights of the information security industry descend on London, Red Sift, a data-driven cybersecurity platform, has uncovered the disconcerting reality that three quarters of these industry leaders are falling short on essential email authentication measures, leaving their trusted brands open to email spoofing. 

Red Sift analysed the DMARC records for exhibitors’ primary email domains and found that of the 372 security solutions vendors busily advising users on cybersecurity best practice at this year’s Infosec, 74% aren’t taking the right steps to implement DMARC and protect their own domains from email fraud. This ‘oversight’ is made all the more pertinent given recent research from Cofense (who, for the record, holds valid DMARC records) revealed 91% of cyber attacks start with email impersonation. 

DMARC might be the ugly duckling of the (comparatively) glamorous cybersecurity world, but it’s an essential protocol that has been lauded by the National Cyber Security Centre as the most effective defence against email impersonation and therefore phishing. Red Sift used the annual Infosec event to look for evidence of DMARC implementation amongst attendees, however the research painted a faintly embarrassing picture: 

Fail: 74% of exhibitors do not have DMARC in place

Must try harder: 9 organisations have tried to implement DMARC but have been unsuccessful

Valiant effort: 17% have implemented DMARC at the monitoring level – fraudulent emails will still make it to the inbox

Almost there: 4% have implemented DMARC at the quarantine level – fraudulent emails will still make it to the spam/junk folder

Hooray! 5% have implemented DMARC at the reject level – fraudulent emails are stopped at the gateway

 “Infosecurity Europe is one of the highlights of the cybersecurity calendar. We’re star struck to be in such prestigious company, which is why our DMARC discovery feels like one of those moments you learn your all-time-hero thinks The Matrix is a documentary!” said Rahul Powar, CEO, Red Sift. “These events are timely reminders for firms to get their own houses in order. Global DMARC adoption is fairly low, which is why we’re here at the event to raise awareness and hopefully inspire more organisations to stamp out this vulnerability.”

About Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org