Only Two-Thirds of Federal Domains Meet Email Security Deadline

Only Two-Thirds of Federal Domains Meet Email Security Deadline

In addition to the relatively low install rate, after a year of staggered deadlines to implement the tool, one-fifth of government agency web domains appear not to have even begun installing it, according to the Global Cyber Alliance.

  • By Jessica Davis
  • Oct 18, 2018

About two-thirds (67 percent) of federal email domains met a Department of Homeland Security deadline Tuesday to install and be fully protected by a tool that guards against email phishing scams, according to research from the Global Cyber Alliance.

In addition to the relatively low install rate, after a year of staggered deadlines to implement the tool, one-fifth of government agency web domains appear not to have even begun installing it, according to the GCA.

Domain-based Message Authentication, Reporting and Conformance, known as DMARC, verifies an email sender’s identity by pinging a sender’s email domain to ask if the sender actually belongs to that organization. If the domain reports that the sender is illegitimate, DMARC can automatically deliver the email to the intended recipient’s spam folder or decline to deliver it at all.

In order to work, DMARC must be installed on both the sending and receiving inbox. More than 80 percent of commercial email inboxes have DMARC installed, as it is standard among major email providers like Google and Microsoft.

The tool is especially vital for federal government email domains, which could be used by phishers to try to scam citizens into giving them sensitive personal information related to taxes or government benefits like Medicare.

The 67 percent of government domains that had DMARC installed by the Tuesday deadline is a major increase from the 8 percent that were using the tool when Homeland Security issued the order to install it in 2017, according to Tom McDermott, the department’s Deputy Assistant Secretary for Cyber Policy.

Homeland Security plans “to get very close to 100 percent” adoption of the tool “in the near future,” McDermott said.

Defense agencies are not required to comply with Homeland Security’s 2017 DMARC order but were directed to install it whenever possible as part of a defense policy bill passed by Congress in August.

DMARC should be installed across defense domains by the end of the year, according to Defense Chief Information Officer Dana Deasy.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

  • UL Solutions Launches Artificial Intelligence Safety Certification Services

    UL Solutions Inc., a global leader in safety science, today announced the launch of artificial intelligence (AI) safety certification services, enabling comprehensive assessments for evaluating the safety of AI-powered products. Read Now

  • ESA Announces Initiative to Introduce the SECURE Act in State Legislatures

    The Electronic Security Association (ESA), the national voice for the electronic security and life safety industry, has announced plans to introduce the SECURE Act in state legislatures across the country beginning in 2025. The proposal, known as Safeguarding Election Candidates Using Reasonable Expenditures, provides a clear framework that allows candidates and elected officials to use campaign funds for professional security services. Read Now

    • Guard Services

  • Ransomware Attacks Rise for the First Time in Six Months

    Ransomware attacks have risen for the first time in six months, increasing by 28% month-on-month to 421 attacks. While overall attack volume remained below 500, the uptick may signal a renewed escalation heading into the year’s most active period for cyber criminals. Read Now

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

Most   Popular

New Products

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file.