2022 CSC Domain Security Report Finds Nearly Three Quarters of Global 2000 Companies are at Alarmingly High Risk of Exposure to Security Threats
CSC, an enterprise-class domain registrar and world leader in mitigating domain and domain name system (DNS) threats, today released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures—exposing them to high risk of security threats. These companies have implemented less than half of all domain security measures.
In addition, lookalike domains are targeting those companies as well—with 75% of homoglyph registrations being registered to unrelated third parties. That means many of the world’s largest brands contend with maliciously registered domains that look like their brands. The intent of these fake domain registrations is to leverage the trust placed on the targeted brand to launch phishing attacks or other forms of digital brand abuse, or IP infringement that leads to revenue loss, traffic diversion, and a diminished brand reputation. Homoglyph domains are just some of the endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties.
Additional key takeaways from CSC’s research include:
-
137 companies (6.8%) had a domain security score of “0”
Not deploying any of the recommended domain security measures puts these companies at risk for a variety of attacks, including but not limited to domain and DNS hijacking attacks, network and data breaches, phishing and ransomware attacks, and business email compromise (BEC).
-
45% of companies that use enterprise-class domain registrars also deploy registry lock
Registry lock is a highly cost-effective means to protect domain names against accidental or unauthorized modifications or deletions. Only 5% of companies that use consumer-grade registrars have registry lock deployed. Additionally, only six organizations within the Global 2000 had the highest overall domain security score, which correlates with their use of an enterprise-class registrar.
-
DMARC is the only domain security measure with significantly increased adoption this year
Given all the news about phishing attacks—including their increase in volume and complexity—it’s no surprise that domain-based message authentication, reporting, and conformance (DMARC) adoption has increased by 12 percentage points in the last 12 months. However, growth in other domain security measures, such as registry lock, domain name system (DNS) redundancy, DNS security extensions (DNSSEC), and certificate authority authorization (CAA) records saw limited increases year-over-year.
“This report shows that while some progress has been made, a majority of the companies listed in the Forbes Global 2000 are still overlooking full implementation of foundational domain security measures,” says Mark Calandra, president of CSC’s Digital Brand Services. “A focus on securing legitimate domains while monitoring for malicious domains in parallel needs to be a bigger priority for companies that are advocating for a Zero Trust model to stay protected and thwart cyber risk. Otherwise, companies are exposing themselves to significant enterprise risks that can impact their cyber security posture, data protection, intellectual property, supply chains, consumer safety, revenue, and reputation.”
CSC’s report also found that 82% of the third parties registering homoglyph domains are actively masking their identity. This demonstrates the attempt to hide their ownership, showing they may have some nefarious intentions. Additionally, 48% have MX records in 2022, compared to 43% in 2021. MX records can be used to send phishing emails or to intercept email.
To learn more about CSC’s approach to domain security, visit cscdbs.com. Download the Domain Security Report now at cscdbs.com/securityreport .
About CSC
CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.
View source version on businesswire.com: https://www.businesswire.com/news/home/20221115005251/en/
Contact information
For more information:
Steve Bosk
W2 Communications
CSC@w2comm.com
CSC News Room
About Business Wire
For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.
Subscribe to releases from Business Wire
Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.
Latest releases from Business Wire
U.S. FDA Approves Expanded Indication for VONVENDI ® [von Willebrand factor (Recombinant)] for Adults and Children with Von Willebrand Disease6.9.2025 03:45:00 EEST | Press release
Takeda (TSE:4502/NYSE:TAK) today announced that the U.S. Food and Drug Administration (FDA) has approved the supplemental Biologics License Application (sBLA) for VONVENDI® [von Willebrand factor (Recombinant)], expanding the indication to include routine prophylaxis to reduce the frequency of bleeding episodes in adults with von Willebrand Disease (VWD), including those with Type 1 and 2 disease, and on-demand and perioperative management of bleeding in pediatric patients with VWD. VONVENDI was previously approved for on-demand and perioperative use in adults with VWD and routine prophylactic use in adults with severe Type 3 VWD receiving on-demand therapy.1 VONVENDI is now available for use in a broad range of VWD patients and is the only recombinant von Willebrand Factor (VWF) replacement therapy with approved indications in both adults and children with VWD.1 VWD is the most common bleeding disorder impacting more than 3 million people in the U.S. alone. It occurs equally among men
Samsung Unveils “AI Home: Future Living, Now” Vision at IFA 20256.9.2025 00:34:00 EEST | Press release
At Innovation For All (IFA) 2025, Samsung Electronics showcased its vision for “AI Home: Future Living, Now”. Samsung’s AI Home aims to be a reality people can experience today — not just in the future — and one designed for everyone, not just a select few. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250905654772/en/ Cheolgi Kim, Head of Digital Appliances, presents Future Living Now at Samsung’s IFA 2025 press conference in Berlin “At Samsung, we’re not just imagining the future of AI; we’re building it into everyday life. Samsung’s AI Home moves beyond smart devices to homes that truly understand you, adapt to your needs, and care for what matters most,” said Cheolgi Kim (CK), Executive Vice President and Head of Digital Appliances (DA) Business. “This is the beginning of a new era - where technology supports your life in the background so that you can live it more fully.” Samsung’s AI Home experience is designed to mak
NetApp named a Leader by Gartner® in the 2025 Magic Quadrant™ for Enterprise Storage Platforms5.9.2025 18:15:00 EEST | Press release
NetApp® (NASDAQ: NTAP), the intelligent data infrastructure company, today announced it has been recognized by Gartner as a Leader in the 2025 Gartner Magic Quadrant for Enterprise Storage Platforms. NetApp believes this recognition reflects how the company’s continuous innovation helps customers build Intelligent Data Infrastructure to face modern technology challenges, including protection from cyber threats and using AI to drive data-based decisions. The evaluation was based on specific criteria that analyzed the company’s overall Completeness of Vision and Ability to Execute. According to Gartner, “Enterprise storage platforms offer platform-native service capabilities and product features for both structured and unstructured data workloads. Heads of infrastructure and operations should use this research to assess vendors in deploying a modern IT infrastructure platform for block, file and object storage.” This report combines the previous Gartner Magic Quadrant reports for the Pri
Capcom’s Popular Title Street Fighter’s Live-Action Movie Starts Filming!5.9.2025 16:00:00 EEST | Press release
Capcom Co., Ltd. (TOKYO:9697) today announced that filming has commenced on a live-action film adaptation of its popular fighting game series Street Fighter, in collaboration with Legendary Entertainment (Legendary), with both companies jointly financing the project. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250905806122/en/ Street Fighter Movie Title Logo To expand global sales of its core home video game software business, Capcom is actively promoting the branding of its proprietary IP under the Single Content Multiple Usage strategy. Particularly, the adaptation of game content into visual media is a valuable opportunity to broaden awareness of Capcom’s IP beyond the gaming audience. With filming of the upcoming film Street Fighter now starting, the casting of the main characters—Ken, Ryu, and Chun-Li —has been finalized. Through joint financing with Legendary, a company renowned for producing numerous blockbuster fi
Motive’s Entitlement Server Acknowledged as a Pacesetter in Counterpoint Research’s 2025 Rankings5.9.2025 16:00:00 EEST | Press release
Motive, a global leader in device management, today announced its recognition as a Pacesetter in Counterpoint Research’s 2025 Entitlement Server Rankings. Counterpoint placed Motive in its highest top-right Pacesetter quadrant: the most advanced recognition in the ranking. This accolade reflects Motive’s decisive investment in entitlement orchestration at a time when operators face urgent deadlines, including Apple’s September 2025 RCS requirement. Motive has taken the lead, proving ability to deliver at scale, currently deployed in large mobile service providers across North America, Europe, Africa, the Middle East, Asia-Pacific, and Latin America. Removing Barriers to RCS and Beyond The industry has long wrestled with the lack of a commercial framework for Rich Business Messaging (RBM) and lack of cross platform support between Android and iOS. Motive addresses this by ensuring operators can enable RCS on both Apple and Android devices securely without delay. This approach derisks op
In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.
Visit our pressroom