This year marks the fifth annual release of CSC’s “Domain Security Report,” which continues to shed light on the evolving landscape of domain security among Global 2000 companies. The anniversary coincides with CSC’s 125th year, underscoring its long-standing commitment to brand protection and cybersecurity. Over the past half-decade, significant progress has been made in adopting key domain security measures, but with cyber threats intensifying—especially with phishing attacks on the rise—much remains to be done. The report highlights areas where companies are vulnerable, offering insights to help organizations strengthen their defenses in the external attack surface, where many cyber risks originate.
One of the key findings of the 2024 report is the persistent risk posed by homoglyph domains—lookalike websites designed to impersonate legitimate companies. Alarmingly, 80% of such domains that resemble Global 2000 brands are owned by third parties, with 42% of these having mail exchange (MX) records, potentially enabling phishing attacks. Although there has been some progress in mitigating these threats, companies continue to face challenges in securing their domains, especially when it comes to third-party ownership of domain lookalikes. These domains present significant reputation risks, and businesses must take proactive steps to safeguard their online presence.
The report also highlights an 82% growth in the adoption of domain-based message authentication, reporting, and conformance (DMARC) since 2020, driven by the increasing prevalence of phishing attacks. DMARC helps protect companies from email spoofing and has risen in popularity as companies recognize its importance in fortifying their email systems. The integration of DMARC with other tools, such as brand indicators for message identification (BIMI), is further boosting adoption. Despite this progress, a notable portion of companies still lag behind in adopting other critical security measures like registry locks and domain name system security extensions (DNSSEC), leaving them exposed to significant risks.
Another concerning trend is the low adoption of registry locks that prevent unauthorized changes to domain records. While adoption has grown slightly, reaching 24% in 2024, it remains underused, particularly among companies using consumer-grade registrars, where only 5% have implemented this security feature. Registry locks are a simple but highly effective way to protect domains from hijacking, and businesses that neglect this measure are leaving themselves vulnerable to both human error and cyber threats.
As the digital landscape becomes more complex, CSC’s findings emphasize the need for a comprehensive approach to domain security. With cybercriminals becoming more sophisticated in their use of malicious domain registrations, companies must continuously monitor their domain ecosystems and invest in advanced security measures. From securing lapsed domains to mitigating risks associated with dormant subdomains, businesses need to stay vigilant.
As CSC celebrates its 125th year, its role as a trusted partner in domain security remains as critical as ever, providing expertise and tools to help companies protect their brands and maintain a robust cybersecurity posture.