Home / Blogs

Registrar Influence on the Domain Security Posture of the Forbes Global 2000

By Sue Watts Global Marketing Leader, Digital Brand Services, CSC

In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning.

On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars.

There’s a 52% adoption of registry locks among companies using enterprise-class registrars versus only 4% among companies using consumer-grade ones.

Across all security controls, we observed greater adoption among companies that use enterprise-class registrars compared to those using consumer-grade. This is especially apparent for the adoption of registry locks, as most consumer-grade registrars do not support such locks.

Furthermore, some industries have found themselves more in the spotlight because of COVID-19. Those industries are healthcare equipment and services, drugs and biotechnology, chemical, and household and personal products. The increased demand on all of these industries over the past year and a half have made them key targets for cybercriminals. So it’s highly concerning that these industries still appear in the middle-to-lower half of the risk mitigation effectiveness scale.

On average, only one in four organizations within these industries adopt registry locks, preventing domain name hijacking and unauthorized changes to the domain name system (DNS). But perhaps the low adoption of these protocols is not surprising, considering that 32-48% of companies within these industries are using consumer-grade registrars, which don’t offer DNS security extensions (DNSSEC), registry locks, or certificate authority authorization (CAA) records as standard.

Domain security is the missing link in most cyber security strategies. Using the best-in-class security measures for your domains can help prevent phishing attacks, BEC, and ransomware in their early stages.

Many industry experts have emphasized that it’s very important to maintain strong cyber hygiene. Domain security is a prime example where companies are falling short. All companies in all industries should adopt a multi-layer defense-in-depth approach for domain security, starting with working with an enterprise-class provider.

By Sue Watts, Global Marketing Leader, Digital Brand Services, CSC

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

View All Topics