2022 CSC Domain Security Report Finds Nearly Three Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats
CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.
In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.
Additional key takeaways from CSC’s research include:
137 companies (6.8%) had a domain security score of “0”
Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).
45% of companies that use enterprise-class domain registrars also deploy registry lock
Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.
DMARC is the only domain security measure with significantly increased adoption this year
Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.
“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services. “A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a Zero Trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”
CSC’s report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43% in 2021. MX records can be used to send phishing emails or to intercept email.
CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
Philip Morris International Announces New Regional Structure and Senior Management Changes to Accelerate Growth Toward a Smoke-Free Future25.11.2022 21:05:00 EET | Press release
Philip Morris International Inc. (PMI) (NYSE: PM) today announced a new regional structure and related senior management changes to enable continued growth as a multicategory leader internationally and advance its rapid transition toward a smoke-free future. “We are changing the company’s regional structure to further support the growth of our smoke-free business, reinforce consumer centricity, and increase the speed of innovation and deployment—all in alignment with our ambition of becoming a majority smoke-free business by net revenues by 2025,” said Jacek Olczak, PMI’s Chief Executive Officer. “The new structure will also create new opportunities to further grow our senior talent, deepening the bench of leaders who will spearhead PMI’s progress toward a smoke-free future for the years to come. I am confident of the exceptional caliber and determination of our people and wish them the best in their new roles.” By the end of January 2023, PMI will rearrange its operations in four regi
China’s Vanke Foundation presents fruitful green development achievements at COP2725.11.2022 17:44:00 EET | Press release
China’s Vanke Foundation invited dozens of Chinese charitable organizations, institutes and industry associations to present the fruitful achievements of China's green development at the recently concluded 2022 United Nations Climate Change Conference (COP27) in Sharm El-Sheikh. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221125005204/en/ Wang Shi(L4), Chairman of Vanke Foundation, and other Chinese delegates called for joint action on climate change at COP27 in Sharm El-Sheikh, Egypt on Nov. 11, 2022. (Photo: Business Wire) According to Wang Shi, Founder of Vanke Group, Chairman of Vanke Foundation, and Founder of C Team, only a few nongovernmental Chinese individuals, including himself, representing about 100 Chinese companies attended COP15 in Copenhagen back in 2009, while this year, together with numbers of partners from different sectors, approximately one million Chinese enterprises and institutions have been invol
Fruits Eco-Blockchain Project Completes its Security Audit of their Native Blockchain Conducted by Quantstamp25.11.2022 17:00:00 EET | Press release
Fruits Eco-Blockchain Project is pleased to announce their completion of a security audit of the Fruits Blockchain's contract system conducted by Quantstamp, a leader in web3 security. The focus of the audit was to verify that the smart contract system is secure, resilient and working according to its specifications. The audit activities can be grouped in the following three categories: This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221120005089/en/ Fruits Eco-Blockchain Project completes its security audit of their native blockchain conducted by Quantstamp (Graphic: Business Wire) Security: Identifying security related issues within each contract and within the system of contracts. Sound Architecture: Evaluation of the architecture of this system through the lens of established smart contract best practices and general software best practices. Code Correctness and Quality: A full review of the contract source code. The prim
Abu Dhabi Hosts Annual Investment Meeting May 202325.11.2022 16:49:00 EET | Press release
Abu Dhabi will host the 12th edition of the Annual Investment Meeting from 8 to 10 May 2023, which will take place under the theme of “The Investment Paradigm Shift: Future Investment Opportunities to Foster Sustainable Economic Growth, Diversity, and Prosperity”. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221125005180/en/ Abu Dhabi Hosts Annual Investment Meeting May 2023 (Photo: AETOSWire) At a press conference held today in Abu Dhabi, the announcement of the launch of AIM Global 2023 which is supported by the Ministry of Industry & Advanced Technologies, with the Abu Dhabi Department of Economic Development (ADDED) as a lead partner was made in the presence of H.E. Dr. Thani bin Ahmed Al Zeyoudi, Minister of State for Foreign Trade, Vice Chairman of the UAE Industry Development Council and H.E. Mohamed Ali Al Shorafa, Chairman of ADDED. AIM Global 2023 pillars will discuss the global capital market transformation, way
Alberto Bona’s Exploit on the Class40 IBSA: Eighth at the Route Du Rhum25.11.2022 15:13:00 EET | Press release
Thursday, November, 24, at 3:34:50 pm local time (8:34:50 Paris-Rome time) in Pointe-à-Pitre, Alberto Bona on the Class40 IBSA crossed the finish line of the twelfth edition of the Route du Rhum in eighth place. His race time is 15 days, 6 hours, 19 minutes and 50 seconds. The skipper of the Class40 IBSA sailed the 3,542 miles between Saint-Malo and Pointe-à-Pitre at a speed of 9.67 knots on the great-circle course, actually covering 4005.51 miles at an average speed of 10.93 knots. He arrived in Pointe-à-Pitre 1 day, 3 hours, 11 minutes and 10 seconds after the Class40 winner, Yoann Richomme. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20221125005116/en/ Alberto Bona on the Class40 IBSA crosses the finish line of the twelfth edition of the Route du Rhum (©IBSA | Beppe Raso) “A very nice but extremely hard regatta, especially in the upwind week”, stated Alberto upon arrival. “I am extremely happy: IBSA and I made it togethe
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.Visit our pressroom