Business Wire

2022 CSC Domain Security Report Finds Nearly Three Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats

Share

CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.

In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.

Additional key takeaways from CSC’s research include:

  • 137 companies (6.8%) had a domain security score of “0”
    Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).
  • 45% of companies that use enterprise-class domain registrars also deploy registry lock
    Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.
  • DMARC is the only domain security measure with significantly increased adoption this year
    Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.

“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services. “A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a Zero Trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”

CSC’s report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43% in 2021. MX records can be used to send phishing emails or to intercept email.

To learn more about CSC’s approach to domain security, visit cscdbs.com. Download the Domain Security Report now at cscdbs.com/securityreport .

About CSC

CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

For more information:
Steve Bosk
W2 Communications
CSC@w2comm.com
CSC News Room

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Takeda Completes Acquisition of Nimbus Therapeutics’ TYK2 Program Subsidiary9.2.2023 02:30:00 EET | Press release

Takeda (TSE:4502/NYSE:TAK) today announced that it has completed an acquisition of all shares of Nimbus Lakshmi, Inc. (“Lakshmi”) from Nimbus Therapeutics, LLC (“Nimbus”), on February 8, 2023 (EST), as set forth in the share purchase agreement, following clearance from the United States Federal Trade Commission and a satisfaction of other closing conditions. The agreement had been announced on December 13, 2022: “Takeda to Acquire 100% Ownership of Nimbus Therapeutics’ TYK2 Program Subsidiary”. Following the completion of this transaction, Takeda has now acquired TAK-279, formerly known at Nimbus as NDI-034858. With Phase 2b data to be presented in Q4 FY2022 and Phase 3 study in psoriasis expected to start in 2023, TAK-279 has the potential to demonstrate best-in-class efficacy, safety and convenience in psoriasis as well as multiple other immune-mediated diseases, including inflammatory bowel disease, psoriatic arthritis and systemic lupus erythematosus. This acquisition strengthens T

O-RAN ALLIANCE Events and Demos at MWC Barcelona Showcasing O-RAN Ecosystem Progress9.2.2023 02:24:00 EET | Press release

Join us for O-RAN ALLIANCE Ecosystem Briefing, February 28, 2023 at MWC Barcelona This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230208005994/en/ O-RAN ALLIANCE plans to hold its next industry event on Tuesday, February 28, 2023 from 15:30-16:30 CET at the Deutsche Telekom booth (Hall 3, Stand 3M31). The event will include: An update on O-RAN’s progress and future directions by Alex Jinsung Choi, Chair of the Board of O-RAN ALLIANCE and SVP Group Technology at Deutsche Telekom Stefan Engel-Flechsig, O-RAN ALLIANCE COO Views on important areas supporting widespread adoption of open RAN, featuring leading operators from Asia, Europe and the Americas: Open RAN testing and integration – by Chih-Lin I, Chief Scientist from China Mobile and Co-chair of O-RAN Technical Steering Committee Open RAN security – by Claire Chauvin, Strategy Architecture and Standardization Director at Orange Open software for the RAN – by Rob Soni, VP RA

IFF Reports Fourth Quarter and Full Year 2022 Results9.2.2023 00:31:00 EET | Press release

International Flavors & Fragrances Inc. (NYSE: IFF) reported financial results for the fourth quarter and full year ended December 31, 2022. Management Commentary “IFF delivered solid financial results in 2022 in what continues to be a challenging operating environment,” said IFF CEO Frank Clyburn. “Throughout the year our team successfully executed on what we could control – pricing, productivity and portfolio optimization – to generate strong sales growth, enhance profitability and reduce our debt. At the same time, we introduced a refreshed growth-focused strategy, that deepens our commitment to customers, prioritizes our highest-return businesses, and expands productivity to drive long-term profitable growth. We are confident that these are the right strategies to navigate near-term challenges – as we balance growth, profitability and cash flow generation – and deliver long-term value creation for our shareholders.” Fourth Quarter 2022 Consolidated Financial Results Reported net sa

Global Partners Announce Innovations for Marine Managers to Help Our Oceans With Private Sector Support From Mary Kay Inc.8.2.2023 20:03:00 EET | Press release

Ocean conservation managers and practitioners, global experts, and high-level officials are convening for the Fifth International Marine Protected Area Congress (IMPAC5) from February 3-9 in Vancouver, Canada, to take a stand to protect the ocean. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230208005180/en/ MPAth, short for Marine Protected Area Tool Hub, is a free online resource for seascape stakeholders at every level. It uses the same problem-solving matrix honed by marine experts to guide users through a learning journey and help them address their most pressing challenges on sustainable livelihoods, financing, effectiveness, and climate change. (Credit: UN Environment Programme) IMPAC5 is known as the preeminent conference for the exchange of knowledge within the global community of marine conservation managers, practitioners, and decision makers. It provides the opportunity to highlight the latest science and share

Morgan Stanley Hosts First Global Demo Day for Startups in Inclusive Ventures Lab8.2.2023 18:23:00 EET | Press release

Morgan Stanley (NYSE: MS) today is hosting its first global in-person Demo Day, with 10 participating companies from the US and Europe, the Middle East and Africa (EMEA). The cohort companies, all founded by women, will pitch over 200 investors, as well as potential business partners and customers. Over the past five months, Morgan Stanley’s Inclusive Ventures Lab has supported its eighth cohort of technology-enabled startups in the post-seed to Series A funding round stage, offering an intensive accelerator program designed to provide a variety of mentorship opportunities and business-growth resources from across the Firm’s network. “We are on a mission to change the investing landscape for underrepresented founders. Through our accelerator program we are providing promising startups with much-needed capital, the broad resources of Morgan Stanley and access to investors,” said Selma Bueno, Managing Director and Global Head of the Inclusive Ventures Group. “Today’s Demo Day showcases i

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom