2022 CSC Domain Security Report Finds Nearly Three Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats

15.11.2022 17:00:00 EET | Business Wire

CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.

In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.

Additional key takeaways from CSC’s research include:

137 companies (6.8%) had a domain security score of “0”
Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).

45% of companies that use enterprise-class domain registrars also deploy registry lock
Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.

DMARC is the only domain security measure with significantly increased adoption this year
Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.

“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services. “A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a Zero Trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”

CSC’s report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43% in 2021. MX records can be used to send phishing emails or to intercept email.

To learn more about CSC’s approach to domain security, visit cscdbs.com. Download the Domain Security Report now at cscdbs.com/securityreport .

About CSC

CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

View source version on businesswire.com: https://www.businesswire.com/news/home/20221115005251/en/

Contact information

For more information:
Steve Bosk
W2 Communications
CSC@w2comm.com
CSC News Room

About Business Wire

Business Wire

http://www.businesswire.com

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Smiths Detection launches cutting edge X-ray Diffraction scanner16.4.2024 09:00:00 EEST | Press release

Smiths Detection, a global leader in threat detection and security screening technologies, today announces that it has launched the SDX 10060 XDi, a ground-breaking X-ray scanner powered by diffraction technology. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240415145550/en/ Smiths Detection's ground-breaking SDX 10060 XDi, powered by diffraction technology. (Photo: Business Wire) X-ray Diffraction (XRD) is a powerful inspection technology offering highly accurate material discrimination and substance identification based on an object’s molecular structure. XRD is particularly suited to detecting constantly evolving compounds in powder, liquid or solid forms, such as ‘homemade’ explosives or narcotics, even for materials with similar densities. Multi-level baggage and material handling operations and express forwarders are under pressure to screen huge volumes quickly and efficiently. The SDX 10060 XDi can transform this p

Dataocean AI Unveils NEW Brand, NEW Site, and NEW Multilingual Speech Corpus for Speech Foundation Models at ICASSP 202416.4.2024 08:00:00 EEST | Press release

Dataocean AI, a global data services provider, is pleased to announce a NEW brand, a NEW site, and a NEW Multilingual Speech Corpus for Speech Foundation Models at ICASSP 2024. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240415891226/en/ Dataocean AI's New Website (Graphic: Business Wire) Dataocean AI announced the upgrade of its branding at ICASSP. The new brand, characterized by dynamic gradient design, symbolizes the company's unwavering commitment to excellence and innovation in the AI data industry. With almost 20 years of experience in the AI data industry, Dataocean AI will continue to innovate, subvert the industry with technology, and provide cost-effective data products and services for over 900 enterprises and research institutes globally. Meanwhile, Dataocean AI launched the new site. A key highlight of the new site is that they have created an e-commerce model for shopping datasets, making it more accessible

GridBeyond Closes €52M Series C Funding Round to Continue Its Platform Evolution and Invest in New & Existing Markets16.4.2024 07:00:00 EEST | Press release

GridBeyond, the leading intelligent energy and smart grid platform provider for distributed energy resource management, has closed its €52M Series C financing round. The round was led by Alantra’s Energy Transition Fund, Klima. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240415760197/en/ GridBeyond closes €52M Series C funding round to continue its platform evolution and invest in new & existing markets. (Graphic: Business Wire) The Series C round also included new investors Energy Impact Partners, Mirova, ABB, Constellation and Yokogawa Electric Corporation as well as investment from existing investor, Act Venture Capital. Since its foundation in 2010, GridBeyond has been developing its AI platform to help businesses unlock the full potential of energy assets, ensuring the sustainability, resilience, and affordability of energy as the world moves towards a zero-carbon future. GridBeyond’s technology unleashes the latent

World Famous Soccer Star Neymar Junior Joins Forces With Fun Brands and Enters the Cocktails and Mocktails Business With His Own Brand15.4.2024 19:00:00 EEST | Press release

Neymar da Silva Santos Júnior, known as one of the best soccer players in the world, joins forces with Fun Brands, a Miami, Florida-based beverage company, to announce a new collaborative venture of innovative, all-natural spirit- and wine-based cocktails and zero alcohol mocktails launching in Brazil later this year. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20240415201897/en/ World Famous Soccer Star Neymar Junior Announces Collaborative Venture With Fun Brands to Enter Cocktail and Mocktail Business With Own Brand (Photo: Business Wire) “This is a great opportunity for me to celebrate in a new way with my fans worldwide, creating possibilities for connection beyond soccer, which is my life,” highlighted the All-star. “I want to share the flavors of Brazil that I love the most with my soccer fans at home and around the world in a different and irreverent way. The idea of also offering non-alcoholic beverages greatly att

First Interim Analysis of PROSPER Study Details Patient-Reported Symptom Burden of Mycosis Fungoides and Sézary Syndrome15.4.2024 16:15:00 EEST | Press release

On Friday, 12th April, 2024, Professor Julia Scarisbrick of University of Birmingham presented interim findings from the Kyowa Kirin, Inc. (Kyowa Kirin, TSA: 4151)-sponsored study, “Real-World Observational Study of Mogamulizumab in Adult Patients with Mycosis Fungoides and Sézary Syndrome (PROSPER)”, a prospective observational study evaluating the real-world impact of mogamulizumab on disease symptoms and health-related quality of life (HRQoL) in patients with these subtypes of cutaneous T-cell lymphoma (CTCL). CTCL is a rare form of non-Hodgkin lymphoma that most prominently affects the skin, presenting as patches, plaques, tumours, or reddening of the entire skin, and may be associated with severe itching. In a proportion of cases, the disease may spread to the lymph nodes, blood, and/or other organs. In the current interim analysis, symptom scores (mean) were reported for 20 adult patients with relapsed or refractory disease (8 MF; 12 SS) over their first 16 weeks of mogamulizumab

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom