Only Two-Thirds of Federal Domains Meet Email Security Deadline -- Security Today

Only Two-Thirds of Federal Domains Meet Email Security Deadline

In addition to the relatively low install rate, after a year of staggered deadlines to implement the tool, one-fifth of government agency web domains appear not to have even begun installing it, according to the Global Cyber Alliance.

By Jessica Davis
Oct 18, 2018

About two-thirds (67 percent) of federal email domains met a Department of Homeland Security deadline Tuesday to install and be fully protected by a tool that guards against email phishing scams, according to research from the Global Cyber Alliance.

Domain-based Message Authentication, Reporting and Conformance, known as DMARC, verifies an email sender’s identity by pinging a sender’s email domain to ask if the sender actually belongs to that organization. If the domain reports that the sender is illegitimate, DMARC can automatically deliver the email to the intended recipient’s spam folder or decline to deliver it at all.

In order to work, DMARC must be installed on both the sending and receiving inbox. More than 80 percent of commercial email inboxes have DMARC installed, as it is standard among major email providers like Google and Microsoft.

The tool is especially vital for federal government email domains, which could be used by phishers to try to scam citizens into giving them sensitive personal information related to taxes or government benefits like Medicare.

The 67 percent of government domains that had DMARC installed by the Tuesday deadline is a major increase from the 8 percent that were using the tool when Homeland Security issued the order to install it in 2017, according to Tom McDermott, the department’s Deputy Assistant Secretary for Cyber Policy.

Homeland Security plans “to get very close to 100 percent” adoption of the tool “in the near future,” McDermott said.

Defense agencies are not required to comply with Homeland Security’s 2017 DMARC order but were directed to install it whenever possible as part of a defense policy bill passed by Congress in August.

DMARC should be installed across defense domains by the end of the year, according to Defense Chief Information Officer Dana Deasy.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

Convergint Celebrates 22nd Annual Convergint Social Responsibility Day Globally

Today (June 9), more than 9,200 Convergint colleagues across 200+ global offices have the opportunity to give back to their communities as part of the company’s 22nd annual Convergint Social Responsibility Day.< Read Now
- Dealers and Integrators
Report: Advanced Phishing Attacks Grew By 356 Percent in 2022

A report recently published by Perception Point, a provider of advanced threat prevention across digital channels, has identified a 356% growth in the amount of advanced phishing attacks attempted by threat actors in 2022. Overall, the total number of attacks increased by 87%, highlighting the growing threat that cyber-attacks now pose to organizations. Read Now
- Cybersecurity
DHS Announces First Department-Wide Policy on Body-Worn Cameras

As required by President Biden’s Executive Order on Advancing Effective, Accountable Policing and Criminal Justice Practices to Enhance Public Trust and Public Safety, Secretary of Homeland Security Alejandro N. Mayorkas recently announced the first Department-wide policy on Body-Worn Cameras (BWCs) for its law enforcement officers and agents. Read Now
- Government
Federal Agencies Reported More Than 30,000 Cyber Incidents In FY22

In the fiscal year 2022, Federal agencies saw fewer cyber incidents overall, which decreased by around 6%. Read Now
- Cybersecurity
- Government

Webinars

Seneca,Nvidia

Simple Selling with Seneca Vision AI Validated Solutions
Hanwha Vision (formerly Hanwha Techwin)

New Ways to Train an Effective Security Team
Hanwha Vision (formerly Hanwha Techwin)

Seeing Beyond Your Perimeter

Whitepapers

Hytera

Push-to-Talk Over Cellular (PoC) for Security Professionals
Vicon Industries

Superior Security Begins with a Single Pane of Glass
Winsted Corporation

Top Considerations When Designing an Ergonomic Control Room

New Products

Camden Door Controls ‘SER” Surface Boxes and Extension Rings

Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3
PDK.IO Access Control Software

ProdataKey now allows for "custom fields" within the interface of its pdk.io software. Custom fields increase PDK's solutions' overall functionality by allowing administrators to include a wide range of pertinent data associated with each user. 3
XS4 Original+

The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3

Only Two-Thirds of Federal Domains Meet Email Security Deadline

ASSA ABLOY Integrates Aperio® Wireless Technology with Verkada Command

Altronix Appoints New Rep Firms to Strengthen its Footprint in the Northeast U.S. and Canada

Axis Communications Optimizes Production to Conquer Supply Chain Constraints